This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
kb1
Collaborator
‎2020-02-22 11:51 AM

Can anyone tell me how to unblock a website

So my team got assigned a service request from someone who is not able to access a website, I'm assuming the checkpoint firewall is blocking it or it could something else maybe a bluecoat or something that we use in our company that is blocking it, but if it really is the checkpoint that is blocking it how do I verify that? The URL filtering blade is responsible for that right? (I don't think we have url filled enabled on any of the firewalls but I could be wrong) , and if it does turn out that the checkpoint is blocking it how do I unblock it? And how do I know which firewall is blocking it? By looking at the logs? And to unblock it do I just have to create a simple rule?

Any help would be absolutely appreciated!

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2020-02-22 12:00 PM

What is the precise behavior the user experiences?
Can you provide screenshots?
From that we may be able to determine next course of action.
But in general, yes, you're looking at logs to see if the traffic is even going through the gateway, much less being blocked by it.
Then, yes, some sort of rule to allow that website.
What that looks like depends on what blade is blocking the traffic and what blades you have available.
0 Kudos
kb1
Collaborator
‎2020-02-22 12:07 PM
In response to PhoneBoy

Screenshot_20200222-130512_Outlook.jpg

As you can see that was the ticket that was created, the trello.com website is apparently being blocked, no other details present besides the use case for accessing the website, since it's a Saturday I will have to ask on Monday for further details like error shown,etc.

0 Kudos
HeikoAnkenbrand
Champion Champion
Champion
‎2020-02-22 01:52 PM

Hi @kb1,

If the page is blocked you should see this in the log of the firewall or in the log of Symantec (Bluecoat) SG.

It's the wrong forum, but I can help you on the Bluecoat. 

Create a trace file on the Bluecoat with the following steps:

1) Creat a new "Web Access Layer"
2) Move the Web Access Layer to position 1.
3) Now creat a rule with the destination www.trello.com and an action "trace file"
4)  >>> Open the URL on the browser
5)  Now check the trace file on the Bluecoat SG under https://<Bluecoat_IP>:8082/policy/  -> trace files

At the same time check the following on the Check Point gateway:

1) Resolve the IP via DNS name www.trello.com
2) Start "fw ctl zdebug drop | grep <www.trello.com_IP>
3) >>> Open the URL on the browser

This should let you see who is generating the issue.

Regards 
Heiko

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos
kb1
Collaborator
‎2020-02-22 01:57 PM
In response to HeikoAnkenbrand

Thank you very much for your suggestion, will try it out on Monday and provide an update.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events