This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Beverley_Cudd
Contributor
‎2019-04-08 08:56 AM
Jump to solution

Missing cleanup rule when a rule is definetely set

I am getting the following message even though we have a cleanup rule configured - Missing cleanup rule - Unmatched traffic will be dropped and not logged.

I have checked the Advanced tab in Manage Policies and layers, Layers  and it is defintely ticked to Drop traffic. We also have a rule at the bottom of our policies to as Any, Any, Any, Drop, Log.

We are running R80.10.

3 Solutions

Accepted Solutions
Maarten_Sjouw
Champion
Champion
‎2019-04-08 02:22 PM
In response to PhoneBoy
Jump to solution

I have seen the exact same thing in a layer, as long as it is not the originally created cleanup rule, which is created when you create the layer (at least in R80.10), it is not seen as THE Layer Cleanup Rule.
Regards, Maarten

View solution in original post

Beverley_Cudd
Contributor
‎2019-04-09 02:17 AM
Jump to solution

New file attached showing what happens if I try to add a cleanup rule from the dropdown option.

View solution in original post

Preview file
125 KB
Timothy_Hall
Legend Legend
Legend
‎2019-04-09 06:29 AM
In response to Beverley_Cudd
Jump to solution

Set Install On field in your cleanup rule to Any/Policy Targets and the warning will go away.  As configured your cleanup rule does not apply to all gateways which is causing the warning.

 

Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm

View solution in original post

7 Replies
Timothy_Hall
Legend Legend
Legend
‎2019-04-08 12:28 PM
Jump to solution

Can you please provide a full-width screenshot of your cleanup rule as well as the warning below it?

 

Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm
0 Kudos
Beverley_Cudd
Contributor
‎2019-04-09 01:51 AM
In response to Timothy_Hall
Jump to solution

Have attached a copy of the config and rule as requested.

This seems to have only appeared since we upgraded the gatewas from the 77.30 to 80.10 and the Management server from R80.0 to R80.10.

Also same for R75.30 that is managed by R80.10.

 

Preview file
50 KB
PhoneBoy
Admin
Admin
‎2019-04-08 12:53 PM
Jump to solution

A rule is only considered a cleanup rule if it is "any any any" with either an accept or drop action.
What is your final rule look like?
0 Kudos
Maarten_Sjouw
Champion
Champion
‎2019-04-08 02:22 PM
In response to PhoneBoy
Jump to solution

I have seen the exact same thing in a layer, as long as it is not the originally created cleanup rule, which is created when you create the layer (at least in R80.10), it is not seen as THE Layer Cleanup Rule.
Regards, Maarten
Beverley_Cudd
Contributor
‎2019-04-09 02:17 AM
Jump to solution

New file attached showing what happens if I try to add a cleanup rule from the dropdown option.

Preview file
125 KB
Timothy_Hall
Legend Legend
Legend
‎2019-04-09 06:29 AM
In response to Beverley_Cudd
Jump to solution

Set Install On field in your cleanup rule to Any/Policy Targets and the warning will go away.  As configured your cleanup rule does not apply to all gateways which is causing the warning.

 

Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm
Beverley_Cudd
Contributor
‎2019-04-23 05:04 AM
In response to Timothy_Hall
Jump to solution

Thanks that has cleared the message.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events