This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jubish_Ramakris
Explorer
‎2018-04-04 06:56 AM

Domain object is not working in R80.10 properly

Dear Team,

I have added domain object in a rule (non-fqdn) and it is not working properly in checkpoint R80.10

The requirement was for O365.com

As it was not working I have tried with fqdn as well and still, the issue is same.

Added domain objects for all related URLs (eg. microsoft.com etc.), but no luck.

Did reverse nslookup as well and added the obtained domains.

Traffic is not hitting the particular rule.

As per the clean-up rule drop, in the tracker, the traffic is trying to reach the IP address for O365 server and our domain object is not able to resolve that.

When we added a rule with O365 IP addresses, the traffic is passing via that rule.

We are facing similar issues with some other URLs as well.

Is it a known issue with R80.10? 

Is there any alternate methods or any dependencies for domain objects?

0 Kudos
6 Replies
Kaspars_Zibarts
Employee Employee
Employee
‎2018-04-04 10:20 AM

It works for us perfectly as described in this sk

Domain Objects in R80.10 and above 

Read it carefully. FQDN myst be specific (*.something will not work)

Also make sure that DNS resolution works on the gateway

0 Kudos
Vincent_Bacher
Advisor
Advisor
‎2018-04-04 01:34 PM
In response to Kaspars_Zibarts

(*.something will not work)

For *.something I assume you need application control.

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
PhoneBoy
Admin
Admin
‎2018-04-04 04:05 PM

Domain objects in general do not require Application Control.

However, Application Control is useful in allowing access to Office 365.

Screenshots of exactly what you've tried to configure would be helpful.

0 Kudos
Vincent_Bacher
Advisor
Advisor
‎2018-04-04 09:25 PM
In response to PhoneBoy

I meant wildcards, not domain objects in general.

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
Kaspars_Zibarts
Employee Employee
Employee
‎2018-04-04 09:44 PM

Remember there are other options if you don't have access to AC blade. There are number of scripts available that can generate IPs for O365 so you can stick with old school FW rules. Smiley Happy

Just search community for O365.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top