This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Niokhobaye
Participant
‎2024-05-08 10:41 AM

Flux dns et ping Check point

In a network architecture . We have a Check point front-end firewall version R77.30. The objective is to replace this Check Point firewall with a Check Point Quantum 6200 cluster. On the back end, we have a Fortinet back-end firewall. Partial migration is already done manually: host, service, domain, network, network group etc. and even policies (disable). But the migration is not yet complete. We have connected the new Check Point to the network (no static route configured). How do you explain the fact that flows pass through the new Check point firewall? (DNS and ping flows).

0 Kudos
5 Replies
the_rock
Legend
Legend
‎2024-05-08 12:52 PM

Can you send output of command route from expert mode?

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2024-05-08 04:23 PM

Without any idea what the topology is, it's difficult to answer that question.
Please provide a network diagram.

0 Kudos
Niokhobaye
Participant
‎2024-05-09 02:59 AM
In response to PhoneBoy

hi you can the screenshot PJ (Logs and Topology) Thanks

Preview file
58 KB
Preview file
82 KB
0 Kudos
PhoneBoy
Admin
Admin
‎2024-05-09 08:02 AM
In response to Niokhobaye

You are seeing logs, clearly.
Did you verify actual end-to-end connectivity or do any tcpdumps to see that traffic was leaving the gateway?

0 Kudos
Niokhobaye
Participant
‎2024-05-09 08:17 AM
In response to PhoneBoy

Yes, there are peplinks in front of the check points (connectivity works with the check points successfully). Outgoing flows go to the old check point. This problem occurred when we manually migrated all policies to the new check point (especially NAT flows).

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events