- CheckMates
- :
- Products
- :
- Quantum
- :
- Management
- :
- Re: Two rules with same VPN community
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Two rules with same VPN community
Hello,
Im trying to create two rules which including same VPN community. I noticed that the HitCounts rise only in one rule?
Is it allowed to create two separate rules which including same community ?
Stay Healthly,
Nbto
4 Replies
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Quite often create multiple rules for traffic over a VPN.
Is normal that would not want the whole networks,services open over to the remote end but specific ports, networks for different people.
Are you actually getting traffic matching the second rule?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, but unfortunately nothing is matching with this second rule.
But if i change from community to Any it start matching. (same source and destination)
I cant figure out why ;/
But if i change from community to Any it start matching. (same source and destination)
I cant figure out why ;/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If the second rule is matching with "any" in the VPN field, are you sure this traffic is encrypted?
Maybe your encryption domains are not correct and the source and destination in the "any" rule are not included in any of the encryption domains?
Wolfgang
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't see why not.
Get the TAC involved.
Get the TAC involved.