Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
divisan14
Participant

Stealth Rule block DHCP

Hi All,

 

I have recently upgrade checkpoint firewall from R77.30 to R80.10, I have a stealth rule 'disable smart dashboard' in R77.30, to disable accessing the gateway and smart dashboard other than specific VLAN. After the upgrade, this particular rule affecting DHCP. 

Can anybody clarify me, why is this stealth rule causing DHCP issue whereas it's not allowing DHCP to assign IP address to the client machine?

 

 

0 Kudos
4 Replies
Daniel_Taney
Advisor

Is the Gateway providing DHCP to your client machines? Can you provide a screen shot of the Stealth Rule so we could see how it is written?

I suspect the best solution may be to place an explicit allow rule above the Stealth rule to make sure whatever traffic you do want gets passed.

R80 CCSA / CCSE
0 Kudos
divisan14
Participant

In R77.30, I don't have DHCP relay rule but post-upgrade to R80.10, the client was not getting an IP address so we have created a new DHCP relay rule as per SK104114. During this rule creation, my existing stealth rule went down.  Then when I tried to move the stealth rule on top of DHCP relay then I started to have the issue again.

0 Kudos
FedericoMeiners
Advisor

Are you using the new objects to allow DHCP communications?

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos
divisan14
Participant

Yes, I have followed this article to create DHCP relay rule. Unfortunately, stealth rule went down and I wanted to move on top of DHCP rule to meet the policy compliance.  Is there any article saying DHCP rule must lay on top to avoid this problem again?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events