This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Pvalderrama
Explorer
‎2022-12-01 07:24 AM

Traffic to domain excepted is still blocked

Hello friends,

Nice to greet you all.

I need your help. I have the following problem. I need to access the website "usage.projectcalico.org" I have enabled it by regex and by fqdn, and the log also shows the domain *r.cloudfront.net, which I have also enabled by wildcard regex "*r.cloudfront .net" .... but the lock remains. It can be seen in the "SNI" column that contains the domain that I want to enable. Also, I have enabled a bypass rule in SSL inspection, but the blocking persists. Has anyone else had this problem and know how to fix it? I attach the evidence image.

Preview file
108 KB
0 Kudos
5 Replies
the_rock
Legend
Legend
‎2022-12-01 05:29 PM

Can you try by allowing custom app site and try *projectcalico* and also bypass that in https inspection policy.

0 Kudos
PhoneBoy
Admin
Admin
‎2022-12-02 03:40 PM

What version/JHF level are you running?
We only use Verified SNI if you’re on R80.40 or above.
In R80.30 or R80.20, you need to be on a specific JHF level AND have HTTPS Inspection enabled. 

0 Kudos
Pvalderrama
Explorer
‎2022-12-05 06:33 AM
In response to PhoneBoy

Hi, friend. Thank you very much for the reply. I have version r81.10

0 Kudos
Blason_R
Leader
Leader
‎2022-12-02 09:41 PM

Did you try creating a domain object/FQDN Object? and keeping same dns on firewall which is kept at user level?

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-12-05 06:43 AM

 

usage.projectcalico.org is not available in firefox also without CP GW:

 

Headers:
 
Connection keep-alive
Content-Length 23
Content-Type application/json
Date Mon, 05 Dec 2022 14:41:39 GMT
Via 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
X-Amz-Cf-Id zk4XqztmW584JeeKX51WBO5Umsg8Jmn1oJT4RPQUFHKWu8oY8CiG3w==
X-Amz-Cf-Pop VIE50-C2
X-Cache Error from cloudfront
x-amz-apigw-id crVtpFdMNjMFoYg=
x-amzn-ErrorType ForbiddenException
x-amzn-RequestId 7af7c8f5-4dde-40bd-b8e4-ad09ae2f7c11
 
Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding gzip, deflate, br
Accept-Language de,en-US;q=0.7,en;q=0.3
Connection keep-alive
DNT 1
Host usage.projectcalico.org
Sec-Fetch-Dest document
Sec-Fetch-Mode navigate
Sec-Fetch-Site none
Sec-Fetch-User ?1
Upgrade-Insecure-Requests 1
User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:107.0) Gecko/20100101 Firefox/107.0
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events