This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
B_P
Advisor
‎2023-07-14 12:34 PM
Jump to solution

Gaia traffic outside of VPN Domain is blocked due to "Clear text packet should be encrypted" ?

Traffic originating on "Check Point 1" (CP1) going to a network behind "Check Point 2" (CP2) is blocked by CP2 because of "Clear text packet should be encrypted." But the interface CP1 is sending the traffic from is not in the VPN Domain network and therefore should not be encrypted. Why does CP2 think CP1's traffic should be encrypted? R81.10 T95

CPVPNDomain.png

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2023-07-14 03:48 PM
Jump to solution

Scenario 3 here: https://support.checkpoint.com/results/sk/sk108600

View solution in original post

6 Replies
PhoneBoy
Admin
Admin
‎2023-07-14 03:48 PM
Jump to solution

Scenario 3 here: https://support.checkpoint.com/results/sk/sk108600

Daniel_Toader
Participant
‎2023-07-15 04:39 PM
In response to PhoneBoy
Jump to solution

How define in a crypt.def a subnet , not just an IP.

0 Kudos
PhoneBoy
Admin
Admin
‎2023-07-18 01:36 PM
In response to Daniel_Toader
Jump to solution

Using the standard INSPECT syntax: net(<Network_IP_Address>, <Mask_Length>)

For example, for the subnet 192.0.2.0/24, you'd use: net(192.0.2.0,24)

B_P
Advisor
‎2023-07-17 07:42 AM
In response to PhoneBoy
Jump to solution

That applies only when 3rd party firewalls are involved, no? Surely not when only Check Point firewalls are involved.

0 Kudos
Bob_Zimmerman
Authority
Authority
‎2023-07-17 07:56 AM
In response to B_P
Jump to solution

It's mostly when only Check Point firewalls are involved. That functionality is how "permanent tunnels" work.

0 Kudos
B_P
Advisor
‎2023-07-25 04:03 PM
In response to Bob_Zimmerman
Jump to solution

Regardless, Management should handle it behind the scenes. I don't understand Check Point's philosophy of "User interface says one thing and system does another."

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events