nflnetwork29
Collaborator

policy to block ssh

Hi, I created a simple block policy. Set service to SSH. Set source to any. Set destination to my gateway object. Set action to block. It does not work. What am I doing wrong?


Accepted Solutions
nflnetwork29
Collaborator

The global property needs to be unchecked. Just confirmed with Check Point support.

8 Replies
the_rock
Authority

What are you seeing in the logs when you test the SSH? It's possible that it might not even be hitting that rule... Do you have a screenshot of it?

funkylicious
Advisor

Hi, you mean action to drop?

Are there perhaps any other rules above it that may permit access?

nflnetwork29
Collaborator

Should this be unchecked in global properties?

Capture.PNG

Will unchecking this mess up my SIC or my ability to push policy from the management server?

 

the_rock
Authority

I would not bother with that, it's there for a reason... funkylicious gave a good reply. Make sure there is no rule ABOVE the one you set up to allow the traffic.

nflnetwork29
Collaborator

There is no rule above it.

funkylicious
Advisor

Can we see a screenshot of the rule and of the log that says it's permitted?

nflnetwork29
Collaborator

The global property allowing the SSH and the WEB Admin traffic will override any policy, will it not?
