This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Firewall_Head
Explorer
yesterday

A simple question on Anti-spoofing ?

Hi Checkmates,

First, please have a look at the snap of my topology.Anti-spoofing.jpg
1> When I try to take SSH of the interface eth2 from PC1, why am I not denied the access by anti-spoofing, because I come with a different IP (10.10.10.10) to eth2 interface.

2> Will my request get internally routed within the Check Point GW and get accepted ?

Can somebody help me with my simple question.

Thanks in advance !

======

WR,

FH

0 Kudos
4 Replies
Alex-
Leader Leader
Leader
yesterday

You come from eth1 with subnet 10.10.10.0/24 with an IP in that range, so anti-spoofing won't block you there.

The access control policy could allow or block you.

Anti-spoofing, depending how it's configured, will check the validity of the source IP incoming on any given interface, to put it simply.

 

Eth2 would perform anti-spoofing if you came in with 10.10.10.10 as source on that interface if you choose to match interface IP and range for instance.

0 Kudos
Firewall_Head
Explorer
yesterday
In response to Alex-

Thanks for the reply @Alex- ,

So how many times is the traffic inspected at the firewall, won't it check the SRC IP is 10.10.10.10 and the DST is 20.20.20.0/24 and block it.

Can you put this step by step please ?

====

WR,

FH

0 Kudos
Timothy_Hall
Legend Legend
Legend
yesterday
In response to Firewall_Head

See here:

A Primer on Anti-spoofing

Attend my online "Be your Own TAC: Part Deux" CheckMates event
March 27th with sessions for both the EMEA and Americas time zones
0 Kudos
the_rock
Legend
Legend
yesterday

Hey brother,

@Alex- is 100% right. Btw, check below, I find its basic, but an EXCELLENT reference.

Andy

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topi...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 18 Mar 2025 @ 09:30 AM (EET)

    CheckMates Live Greece
    In-Person

    Tue 25 Mar 2025 @ 09:00 AM (EDT)

    Canada In-Person Cloud Security with Hands-On CloudGuard Workshops!
    In-Person

    Tue 25 Mar 2025 @ 12:00 PM (MDT)

    Salt Lake City: CPX 2025 Recap
    In-Person

    Tue 08 Apr 2025 @ 12:00 PM (MDT)

    Denver: CPX 2025 Recap
    CheckMates Events