cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

IPS-Blocks between FW Gateways

Hello Check Mates,

The IPS on the border firewalls at our customers site blocks management traffic (mostly port 18264) from other Check Point Gateways. 

The firewalls communicate to the external IP of the border gateway.

See the pictures atteched.

Do you have any idea why this happens?

Best regards Anna

0 Kudos
2 Replies

Re: IPS-Blocks between FW Gateways

Hi Anna,

 

On a first look the attached logs look suspicious

The client type in the logs hints the source of these connections is not a CP gateway

The fact that target is port 18264 FW1_ica_services may be significant here

 

TCP port 18264 is the port used for FW1_ica_services 

It is possible to use internal CA certificates for client connections as well as for site-to-site connections with other gateways,  these VPN peers must be given access to the CRL list through FW1_ica_services 


Please send me PM to further discuss this, my email is marioz@checkpoint.com

Best Regards, Mario
marioz@checkpoint.com

Re: IPS-Blocks between FW Gateways

HI Mario,

thanks for the reply!

I will check your reccommendation with the custoemr and give you feedback as soon as I've testet it.

BR Anna

0 Kudos