This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Gregory_Welch
Participant
‎2017-07-27 07:55 AM
Jump to solution

App Control issue with R80 MGMT, 1400 Appliance

I recently build an R80.10 Management server and joined a gateway to it.  I ran into a problem.  The gateway is a 1470W Appliance that runs R77.20.40 Embedded GAIA.  I built a very basic policy and installed it without issue.  I then tried to turn on the App Control and URL Filtering Blades, then push a policy with App Control rules and got the following error (screen shot attached).  Does anybody know how I can use App Control and URL Filtering with my current setup?  I'm sure the long term fix is probably to wait for R80 version of Embedded Gaia, but that may be a while.  

Preview file
97 KB
0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2017-07-27 08:18 AM
Jump to solution

This is a fairly standard issue that will occur when you are managing pre-R80 gateways with R80.

To work around this, you have to construct your policy in the manner that pre-R80 versions support.

Your policy package has to have two layers:

  • Firewall only (first one)
  • App Control / URL Filtering (second one)

Here's a screenshot that shows what the first layer should be like:

The second layer will have both Firewall and Applications & URL Filtering checked.

Your App Control rules will go in the second layer and will only be reached if the Firewall layer matches the connection with an Accept.

More details on the subject here: Application Control and URL Filtering Pre-R80 Security Gateways with R80 Security Management 

View solution in original post

2 Replies
PhoneBoy
Admin
Admin
‎2017-07-27 08:18 AM
Jump to solution

This is a fairly standard issue that will occur when you are managing pre-R80 gateways with R80.

To work around this, you have to construct your policy in the manner that pre-R80 versions support.

Your policy package has to have two layers:

  • Firewall only (first one)
  • App Control / URL Filtering (second one)

Here's a screenshot that shows what the first layer should be like:

The second layer will have both Firewall and Applications & URL Filtering checked.

Your App Control rules will go in the second layer and will only be reached if the Firewall layer matches the connection with an Accept.

More details on the subject here: Application Control and URL Filtering Pre-R80 Security Gateways with R80 Security Management 

Gregory_Welch
Participant
‎2017-07-27 10:27 AM
Jump to solution

Thanks for the help.  I got to learn about "layers".  Thanks Again.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events