This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
divisan14
Participant
‎2019-08-01 01:52 AM

Stealth Rule block DHCP

Hi All,

 

I have recently upgrade checkpoint firewall from R77.30 to R80.10, I have a stealth rule 'disable smart dashboard' in R77.30, to disable accessing the gateway and smart dashboard other than specific VLAN. After the upgrade, this particular rule affecting DHCP. 

Can anybody clarify me, why is this stealth rule causing DHCP issue whereas it's not allowing DHCP to assign IP address to the client machine?

 

 

0 Kudos
4 Replies
Daniel_Taney
Advisor
‎2019-08-01 08:33 AM

Is the Gateway providing DHCP to your client machines? Can you provide a screen shot of the Stealth Rule so we could see how it is written?

I suspect the best solution may be to place an explicit allow rule above the Stealth rule to make sure whatever traffic you do want gets passed.

R80 CCSA / CCSE
0 Kudos
divisan14
Participant
‎2019-08-04 08:07 PM
In response to Daniel_Taney

In R77.30, I don't have DHCP relay rule but post-upgrade to R80.10, the client was not getting an IP address so we have created a new DHCP relay rule as per SK104114. During this rule creation, my existing stealth rule went down.  Then when I tried to move the stealth rule on top of DHCP relay then I started to have the issue again.

0 Kudos
FedericoMeiners
Advisor
‎2019-08-01 08:54 AM

Are you using the new objects to allow DHCP communications?

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos
divisan14
Participant
‎2019-08-04 08:11 PM
In response to FedericoMeiners

Yes, I have followed this article to create DHCP relay rule. Unfortunately, stealth rule went down and I wanted to move on top of DHCP rule to meet the policy compliance.  Is there any article saying DHCP rule must lay on top to avoid this problem again?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events