cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

ICMP-Proto added to Anonymizer

Policy Installation Failure - 1Policy Installation Failure - 2While trying to install policy to our Gateway cluster, we received the following failure message:

Come to find out during the 7/30 URLF/App Ctrl automagic update, the Anonymizer object was updated and now has the icmp-proto included which appears to be causing the installation failure.

Is the inclusion of icmp-proto in the Anonymizer intentional or accidental?

Also, if it was intentional, is it permanent?

Thank You,

Albert

9 Replies
Admin
Admin

Re: ICMP-Proto added to Anonymizer

The images you embedded didn't come across.

In any case, I recommend engaging with the TAC as I can't imagine this change was intentional.

Contact Support | Check Point Software 

0 Kudos
Employee+
Employee+

Re: ICMP-Proto added to Anonymizer

Hi,

The issue has been resolved earlier today with the latest online update package.

Please make sure the Security Management server is updated and push policy.

Thanks...

  --Mor

.

0 Kudos

Re: ICMP-Proto added to Anonymizer

Thanks, Mor.

I ran the manual Management update and the Anonymizer is back to its original state and I should not run into the same issue when I install policy this evening to my R77.30 cluster.

Thanks, again.

Albert

0 Kudos
Vladimir
Pearl

Re: ICMP-Proto added to Anonymizer

Hmm... I see the ICMP in the Anonymizer, but in and by itself it does not cause any issues:

  

0 Kudos
Employee+
Employee+

Re: ICMP-Proto added to Anonymizer

The issue is only related to setups with R80.10 managing R77.X or earlier GWs..

0 Kudos
Vladimir
Pearl

Re: ICMP-Proto added to Anonymizer

Understood. Did the latest update remove the ICMP Proto from Anonymizers, or is it still present and some-kind of background logic was embedded to differentiate installation targets?

0 Kudos
Employee+
Employee+

Re: ICMP-Proto added to Anonymizer

The latest update removed the ICMP service from the category (two categories were affected - Critical Risk & Anonymizers).

We're working with the relevant groups to explore alternative vehicle for delivering this change to the field.

0 Kudos
Vladimir
Pearl

Re: ICMP-Proto added to Anonymizer

Thanks! Seeing same thing after manual update: ICMP is removed from two categories.

Re: ICMP-Proto added to Anonymizer

Still seeing similar issue for icmp_request,. traffic is being dropped due its falls under other category as well.

Database already updated manually and it doesn't has the icmp serivces listed under Anonymizer and Critical risk.

it consider icmp request as - application name : DET (Data Exfiltration Toolkit - ICMP Mode)

0 Kudos