This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
hcampuzano
Participant
‎2023-08-11 12:41 PM

Bypass all Blades for a source subnet.

Hello community.
I'd like to ask if there's a way to skip all Blades for a specific sub net to a specific destination, like making the firewall to act as a router for that particular sub nets / hosts.
I was asked to do so as part of an active troubleshooting and I was told it can be done on the CLI.
I've been searching on line but had no luck.
Is it possible? Is there any documentation about it?

 

0 Kudos
3 Replies
Timothy_Hall
Legend Legend
Legend
‎2023-08-11 12:52 PM

Add a rule at the top of your firewall policy accepting all traffic between the subnets in question, then force the traffic into the fastpath where there will be minimal further enforcement:

sk156672: SecureXL Fast Accelerator (fw fast_accel) for R80.20 and above

It isn't quite acting as "just a router" but it is pretty close.  Only catch is if the traffic is in the slowpath/F2F it cannot be forced to the fastpath using this technique.

Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm
0 Kudos
hcampuzano
Participant
‎2023-08-11 03:33 PM
In response to Timothy_Hall

Thank you very much for your input.
Is there a way to validate if the packets are going it the slowpath?

0 Kudos
Machine_Head
Collaborator
Collaborator
‎2023-08-12 01:46 AM
In response to hcampuzano

run "fwaccel conns | grep x.x.x.x". THis is the SecureXL table, means the connection is going medium/fast path. It should be most of the traffic

If your connection is there it can be accelerated with fast_accel.

 

You can check if the connection is in the fw connection table with "fw ctl conntab"

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top