This website uses cookies. By browsing this website, you consent to the use of cookies. Learn more.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Highlighted
kb1
Copper
‎2020-02-22 11:51 AM

Can anyone tell me how to unblock a website

So my team got assigned a service request from someone who is not able to access a website, I'm assuming the checkpoint firewall is blocking it or it could something else maybe a bluecoat or something that we use in our company that is blocking it, but if it really is the checkpoint that is blocking it how do I verify that? The URL filtering blade is responsible for that right? (I don't think we have url filled enabled on any of the firewalls but I could be wrong) , and if it does turn out that the checkpoint is blocking it how do I unblock it? And how do I know which firewall is blocking it? By looking at the logs? And to unblock it do I just have to create a simple rule?

Any help would be absolutely appreciated!

0 Kudos
Reply
4 Replies
Highlighted
PhoneBoy
Admin
Admin
‎2020-02-22 12:00 PM

What is the precise behavior the user experiences?
Can you provide screenshots?
From that we may be able to determine next course of action.
But in general, yes, you're looking at logs to see if the traffic is even going through the gateway, much less being blocked by it.
Then, yes, some sort of rule to allow that website.
What that looks like depends on what blade is blocking the traffic and what blades you have available.
0 Kudos
Reply
Highlighted
kb1
Copper
‎2020-02-22 12:07 PM

Screenshot_20200222-130512_Outlook.jpg

As you can see that was the ticket that was created, the trello.com website is apparently being blocked, no other details present besides the use case for accessing the website, since it's a Saturday I will have to ask on Monday for further details like error shown,etc.

0 Kudos
Reply
Highlighted
HeikoAnkenbrand
Ruby
‎2020-02-22 01:52 PM

Hi @kb1,

If the page is blocked you should see this in the log of the firewall or in the log of Symantec (Bluecoat) SG.

It's the wrong forum, but I can help you on the Bluecoat. 

Create a trace file on the Bluecoat with the following steps:

1) Creat a new "Web Access Layer"
2) Move the Web Access Layer to position 1.
3) Now creat a rule with the destination www.trello.com and an action "trace file"
4)  >>> Open the URL on the browser
5)  Now check the trace file on the Bluecoat SG under https://<Bluecoat_IP>:8082/policy/  -> trace files

At the same time check the following on the Check Point gateway:

1) Resolve the IP via DNS name www.trello.com
2) Start "fw ctl zdebug drop | grep <www.trello.com_IP>
3) >>> Open the URL on the browser

This should let you see who is generating the issue.

Regards 
Heiko

Tags (1)
0 Kudos
Reply
Highlighted
kb1
Copper
‎2020-02-22 01:57 PM

Thank you very much for your suggestion, will try it out on Monday and provide an update.
0 Kudos
Reply