We are migrating our networks to Checkpoint and have about 60 VLANs where various devices ask the default GW for NTP. Ths wasn't a problem before, but since checkpoint can't work as an NTP server I thought we could just redirect the traffic to the def GW to our NTP server.
This was harder than expected though. 
I don't have any experience with NAT on checkpoint since we don't use it on this site, but it sounded simple in my head. I don't really understand how it's supposed to be done in checkpoint though.
I tried:
NAT, Original: (src: <VLAN> dst:<def GW> service:NTP ) Translated: ( dst:<NTP server>, rest original)
and FW Policy allowing NTP traffic to def GW.
The VLAN itself is already allowed to communicate with the NTP server in an earlier policy, since on some devices in the VLAN it is easy to fix the NTP settings.
But the traffic is still dropped. Do i need to add a host-object with NAT checked and the translated address for every VLAN as well?
Or isn't this possible at all?
| User | Count |
|---|---|
| 8 | |
| 6 | |
| 5 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 |
Thu 09 May 2024 @ 05:00 PM (CEST)
Under the Hood: Automate Azure Virtual WAN security deployments with TerraformThu 16 May 2024 @ 10:00 AM (CEST)
EMEA: Playblocks & MS Defender – Security Automation DeepDive into New Endpoint IntegrationThu 16 May 2024 @ 04:00 PM (CEST)
CheckMates Live DACH - ACHTUNG, Sie werden gehackt! So schützen Sie sich!Thu 16 May 2024 @ 05:00 PM (CEST)
Americas: Playblocks & MS Defender – Security Automation DeepDive into New Endpoint IntegrationThu 16 May 2024 @ 04:00 PM (CEST)
CheckMates Live DACH - ACHTUNG, Sie werden gehackt! So schützen Sie sich!Fri 17 May 2024 @ 10:00 AM (CEST)
CheckMates Live Netherlands - Sessie 26: ElasticXL & VSNext DescriptionTue 21 May 2024 @ 10:00 AM (CEST)
CheckMates Live DACH - Einführung in Check Points Hyperscalinglösung - Quantum Maestro
