Alexander_Petzo
Explorer

VPN client of a service provider is blocked by the IPS Blade

Hello everybody,
we implemented a VPN client for a VPN connection to a service provider on a client in our network. It is the SonicWall VPN Client. The client establishes an IPSec connection to the service provider.
Now the following problem: if you want to establish a connection, the request is rejected by the IPS Blade of our Checkpoint with the notice "IP Fragments". If you want to add an exception for this case, this will be rejected by the Checkpoint. No exception for this protection is possible.
Does anyone have any idea why this might be?
Thanks Alex
1 Solution

Accepted Solutions
PhoneBoy
Admin

IP Fragments is not really an IPS protection, it's a basic protocol validation that we've had well before we had IPS (including SmartDefense).

It does not support exceptions as a result. 

In R80.x management, it is listed under Inspection Settings.

You can tune the handling of fragments, however:

Your best bet is to somehow disable fragmentation on the Sonicwall client.

Not sure if they provide a way to do that.


5 Replies
Hugo_vd_Kooij
Advisor

The whole issue with VPN clients is that they create overhead, so any valid maximum-sized packet needs to be fragmented to fit inside the VPN encapsulation.

So this is a tricky thing.

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
0 Kudos
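The overhead described in the reply above can be worked through for ESP tunnel mode. This is an added example, not part of the original thread: the two cipher profiles are assumptions (the thread does not say what the SonicWall client negotiates), while the per-packet field sizes follow the standard ESP layout.

```python
from dataclasses import dataclass

OUTER_IPV4 = 20   # outer IPv4 header, no options
NATT_UDP = 8      # extra UDP header when ESP is wrapped for NAT traversal
ESP_HEADER = 8    # SPI (4 bytes) + sequence number (4 bytes)
ESP_TRAILER = 2   # pad length (1 byte) + next header (1 byte)


@dataclass(frozen=True)
class EspProfile:
    name: str
    iv_len: int    # per-packet IV carried in clear
    block: int     # payload + padding + trailer is aligned to this
    icv_len: int   # integrity check value appended to each packet


# Assumed profiles for illustration only.
AES_CBC_SHA1 = EspProfile("AES-CBC + HMAC-SHA1-96", iv_len=16, block=16, icv_len=12)
AES_GCM = EspProfile("AES-GCM (16-byte ICV)", iv_len=8, block=4, icv_len=16)


def fixed_overhead(p: EspProfile, nat_t: bool = False) -> int:
    """Bytes added to every packet regardless of padding."""
    return OUTER_IPV4 + (NATT_UDP if nat_t else 0) + ESP_HEADER + p.iv_len + p.icv_len


def outer_size(inner_len: int, p: EspProfile, nat_t: bool = False) -> int:
    """Size on the wire of one inner IP packet after ESP tunnel encapsulation."""
    padded = -(-(inner_len + ESP_TRAILER) // p.block) * p.block  # round up
    return fixed_overhead(p, nat_t) + padded


def max_inner(path_mtu: int, p: EspProfile, nat_t: bool = False) -> int:
    """Largest inner packet whose encapsulated form still fits the path MTU."""
    room = (path_mtu - fixed_overhead(p, nat_t)) // p.block * p.block
    return room - ESP_TRAILER


def needs_fragmentation(inner_len: int, path_mtu: int, p: EspProfile,
                        nat_t: bool = False) -> bool:
    return outer_size(inner_len, p, nat_t) > path_mtu


if __name__ == "__main__":
    for prof in (AES_CBC_SHA1, AES_GCM):
        for nat_t in (False, True):
            limit = max_inner(1500, prof, nat_t)
            print(f"{prof.name:24} NAT-T={nat_t!s:5} "
                  f"1500-byte inner -> {outer_size(1500, prof, nat_t)} on the wire, "
                  f"max inner {limit}, TCP MSS {limit - 40}")
```

A full-size 1500-byte packet always exceeds a 1500-byte path MTU once encapsulated, so either the tunnel interface MTU (or TCP MSS) is lowered to the computed limit or fragments appear on the wire and hit the gateway's fragment validation.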
Alexander_Petzo
Explorer

Thank you for the answer.

You can disable fragmentation in the VPN client. After that, IPS did not block traffic anymore.

Best Regards

Alex

Ashwani_Kumar
Explorer

I have an SMB box whose model number is L-50WD.

When I turn it on, it does not show anything. Through the console it shows some encrypted codes and I can't do anything.

Please suggest what I should do.

0 Kudos
PhoneBoy
Admin

This is completely unrelated to the original question.

Please post what you're seeing on the console in the SMB and SMP space in a new thread.

0 Kudos
