Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Albert_Davis
Explorer

ICMP-Proto added to Anonymizer

Policy Installation Failure - 1Policy Installation Failure - 2While trying to install policy to our Gateway cluster, we received the following failure message:

Come to find out during the 7/30 URLF/App Ctrl automagic update, the Anonymizer object was updated and now has the icmp-proto included which appears to be causing the installation failure.

Is the inclusion of icmp-proto in the Anonymizer intentional or accidental?

Also, if it was intentional, is it permanent?

Thank You,

Albert

9 Replies
PhoneBoy
Admin
Admin

The images you embedded didn't come across.

In any case, I recommend engaging with the TAC as I can't imagine this change was intentional.

Contact Support | Check Point Software 

0 Kudos
Mor_Himi
Employee Alumnus
Employee Alumnus

Hi,

The issue has been resolved earlier today with the latest online update package.

Please make sure the Security Management server is updated and push policy.

Thanks...

  --Mor

.

0 Kudos
Albert_Davis
Explorer

Thanks, Mor.

I ran the manual Management update and the Anonymizer is back to its original state and I should not run into the same issue when I install policy this evening to my R77.30 cluster.

Thanks, again.

Albert

0 Kudos
Vladimir
Champion
Champion

Hmm... I see the ICMP in the Anonymizer, but in and by itself it does not cause any issues:

  

0 Kudos
Mor_Himi
Employee Alumnus
Employee Alumnus

The issue is only related to setups with R80.10 managing R77.X or earlier GWs..

0 Kudos
Vladimir
Champion
Champion

Understood. Did the latest update remove the ICMP Proto from Anonymizers, or is it still present and some-kind of background logic was embedded to differentiate installation targets?

0 Kudos
Mor_Himi
Employee Alumnus
Employee Alumnus

The latest update removed the ICMP service from the category (two categories were affected - Critical Risk & Anonymizers).

We're working with the relevant groups to explore alternative vehicle for delivering this change to the field.

0 Kudos
Vladimir
Champion
Champion

Thanks! Seeing same thing after manual update: ICMP is removed from two categories.

Bhautik
Contributor

Still seeing similar issue for icmp_request,. traffic is being dropped due its falls under other category as well.

Database already updated manually and it doesn't has the icmp serivces listed under Anonymizer and Critical risk.

it consider icmp request as - application name : DET (Data Exfiltration Toolkit - ICMP Mode)

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events