This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Juan_Concepcion
Advisor
‎2018-03-22 07:33 PM
Jump to solution

Remote Access VPN/App+URL Policy Enforcement when split tunneling is disabled

R80.10 Manager

R80.10 VSX with handful of virtual systems

1 Virtual System is handling Endpoint Security VPN:

  • Allow to route through gateway is set
  • Route through gateway is forced via global properties settings
  • ipchicken confirm public ip is that of gateway
  • Rule that reads:
    • src: vpn_pool
    • dst: Internet
    • URL Category attempting to block
    • Action Block/UserCheck Message

Issue: App/URL Policy is not applied to these users even though they are routing through gateway, is this expected behavior? 

1 Solution

Accepted Solutions
Juan_Concepcion
Advisor
‎2018-03-26 05:56 AM
In response to PhoneBoy
Jump to solution

Turns out it was rule order. There was a rule that was set to inspect for content with source of any and it was getting hit first even though remote access rule and subsequent rule to block certain content were after this rule was catching on first rule.

--Juan

View solution in original post

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2018-03-24 09:09 PM
Jump to solution

What rule is actually accepting the traffic?

What's being logged?

Perhaps that might provide a clue.

0 Kudos
Juan_Concepcion
Advisor
‎2018-03-26 05:56 AM
In response to PhoneBoy
Jump to solution

Turns out it was rule order. There was a rule that was set to inspect for content with source of any and it was getting hit first even though remote access rule and subsequent rule to block certain content were after this rule was catching on first rule.

--Juan

0 Kudos
PhoneBoy
Admin
Admin
‎2018-03-26 08:47 AM
In response to Juan_Concepcion
Jump to solution

Good to know, thanks for updating.

0 Kudos
Sudip_Majee
Participant
‎2020-02-13 07:56 AM
In response to Juan_Concepcion
Jump to solution

Hey Juan,

Can you please explain a little more on how to solve this issue?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top