This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
antsvett3
Participant
‎2025-12-04 06:26 AM
Jump to solution

One interface active cause ssh/https connectivity?

Hi All,

I'm trying to set up a lab but I only have my laptop connected to my check point appliance. When i have policy installed permitting my laptop to the firewall on ssh/https I can not connect. I'm wondering if this is because I only have the Mgmt interface up. When looking at the logs the connection is bypassing the accept and going to the clean up rule. Unload the policy and no issues. I'm Running R81.10 jumbo take 181.

Any insight is appreciated.

 

Thanks,

Anthony

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2025-12-04 07:40 AM
In response to antsvett3
Jump to solution

The IP has a typo 182 rather than 192.

CCSM R77/R80/ELITE

View solution in original post

12 Replies
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2025-12-04 06:50 AM
Jump to solution

How have you defined the object / rules and what does the topology of the gateway object otherwise look like?

CCSM R77/R80/ELITE
0 Kudos
antsvett3
Participant
‎2025-12-04 07:13 AM
In response to Chris_Atkinson
Jump to solution

Hi,

I forgot to mention this is a standalone environment.

I've attached some screenshots. I don't see any issue.

 

 

 

Preview file
24 KB
Preview file
22 KB
Preview file
55 KB
Preview file
59 KB
0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2025-12-04 07:27 AM
In response to antsvett3
Jump to solution

Kindly share the properties of the host object "H-192.168.1.2" ?

CCSM R77/R80/ELITE
0 Kudos
antsvett3
Participant
‎2025-12-04 07:37 AM
In response to Chris_Atkinson
Jump to solution

pls see attached

Preview file
23 KB
Preview file
21 KB
Preview file
28 KB
Preview file
28 KB
Preview file
34 KB
0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2025-12-04 07:40 AM
In response to antsvett3
Jump to solution

The IP has a typo 182 rather than 192.

CCSM R77/R80/ELITE
the_rock
MVP Diamond
MVP Diamond
‎2025-12-04 07:41 AM
In response to Chris_Atkinson
Jump to solution

Good catch Chris, thats gotta be it.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
antsvett3
Participant
‎2025-12-04 07:41 AM
In response to Chris_Atkinson
Jump to solution

OMG you're right. I'm so sorry. I appreciate the eyes.

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2025-12-04 07:32 AM
Jump to solution

2 things could my eye. Shows failing on rule 3, but clean up rule is 3. Do you have another ordered layer because if yes, it needs to be allowed on it. Also, what does fw stat show?

See example from my lab:

Screenshot_3.png

Screenshot_1.png

Screenshot_2.png

   

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
antsvett3
Participant
‎2025-12-04 07:34 AM
In response to the_rock
Jump to solution

sorry, thats because i just deleted a rule after i tried to create an interface without having a connection to it. Prior to that it said dropped by rule 2.

 

[Expert@inet-fw:0]# fw stat
HOST POLICY DATE
localhost test-ssh 4Dec2025 10:38:42 : [>Mgmt] [<Mgmt]

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2025-12-04 07:35 AM
In response to antsvett3
Jump to solution

What time zone are you in? If you want, we can do quick remote in a bit on my break and Im sure we can figure it out.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
antsvett3
Participant
‎2025-12-04 07:42 AM
In response to the_rock
Jump to solution

Thanks Andy. Looks like I had a typo in the IP and its working now. Appreciate all the feedback.

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2025-12-04 07:43 AM
In response to antsvett3
Jump to solution

It happens, no worries.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events