This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Libin_Thomas
Contributor
‎2018-11-25 12:04 AM

Custom ports access not working after doing R80.10 upgrade

 All,

 Recently we upgraded the firewall and management to R80 .10 , all services and vpn came up but we faced issues in site to site vpn . Multiple custom port applications and voip phones were not working through site to site vpn .

HO is the checkpoint and the remote site is cyberroam , we were able to telnet the port but could not able to access the application with custom ports. we created the custom port and tried, also checked the match for any other  option as well but didn't work. 

when we reverted it back to R77.30 everything works. 

Any thoughts or inputs will be much appreciated. 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2018-11-25 09:15 AM

Did you downgrade both back to R77.30?

Also some samples of the rules in question may be helpful.

Are you using App Control as well?

Also did you open a TAC case on this?

0 Kudos
Libin_Thomas
Contributor
‎2018-11-25 12:22 PM
In response to PhoneBoy

Did you downgrade both back to R77.30?p- yes we downgraded both boxes to R77.30

Also some samples of the rules in question may be helpful.

In R77.30 The working rule is

Source:Local Vpn domain network

destination :Remote vpn domain network

service :any

community :specific site to to vpn community

In R80.10 – we tried to create a specific rule with custom port on site to site vpn policy\

The custom ports are 8080,1521.avaya ports

Are you using App Control as well?- No

Also did you open a TAC case on this?- yes we opened a critical case but unfortunately TAC worked for 8 hrs and said that it was not an issue with the checkpoint .TAC mentioned that remote site (firewall cyberroam)have issues. But later when we reverted back everything worked .

.

0 Kudos
PhoneBoy
Admin
Admin
‎2018-11-25 06:10 PM
In response to Libin_Thomas

Please send me the SR in a PM.

Did you try it with service "any" in R80.10 as you had it in R77.30?

Did you try it with custom ports in R77.30?

0 Kudos
Mario_Fambach
Explorer
Explorer
‎2020-01-28 03:51 AM
In response to Libin_Thomas

Hi Thomas,

did you solve your issue? I'm asking because I'm having a similar issue after upgrade the SmartCenter from R77.30 to R80.30 by one of my customers.  My customer is using VoIP from Avaya and the communication to the Avaya call manager is running thougth a vpn tunnel. Reverting back to the old R77.30 SmartCenters solves the issues with VoIP.

Thanks!

Mario

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top