Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Explorer

error connection to all sites with https inspection on a bridge mode

Hello, i have SMS - Smat1-205 and GW- 5200 with 80.30 version 

encountered a problem when turning on https inspection in inspection mode, I get error error: Inet resource not found (error DNS) 

my topology with bridge mode: PC-client go to Internet through Bridge on GW with 2 interfaces ( eth1 - external, eth 2 - internal )

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... use this topic for bridge ( to give Internet access to the gateway itself and change the https inspection rule specifying source-destination - any)

 

when HTTPS inspection on Bypass or without HTTPS inspection  - all sites work, but not working in detect mode

 

0 Kudos
6 Replies
Highlighted
Admin
Admin

Is it working and you're just getting the error?
Not clear from your message.
0 Kudos
Highlighted
Explorer

not working with https-inspection(mode:detect)

0 Kudos
Highlighted
Admin
Admin

What does your interface topology look like?
The error suggests the gateway can't figure out what the Internet-facing interface is.
That would mean using a different interface (not your bridge mode interfaces) for Internet access from your gateway.
0 Kudos
Highlighted
Explorer

the host machine is connected to one of the bridge mode interfaces on the gateway, the second interface leads to a switch through which Internet access is available, the bridge mode works, there is also a mgmt connection to the switch through which there is an Internet connection (checked by the ping command), but as soon as https inspection is enabled with the 'detect' rule stops internet from PC, http site available..

0 Kudos
Highlighted
Admin
Admin

I don't believe you can just use the Bridge Mode interfaces for this.
You need to configure a non-bridge mode interface that has access to the Internet.
0 Kudos
Explorer

I used Mgmt Interface for Internet, and checked him, it's work...it's right? Summary : eth1 + eth2 ( Bridge ), Mgmt ( Internet).
0 Kudos