Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
DmitryS
Explorer

ISP Redundancy and Visitor Mode port configuration

Good day!


I have a configuration with two providers.
For remote access clients, we changed the connection port to 8080 in the settings /Remote access -> Support Visitor Mode/. 443 port is busy for the WEB site.

The problem arises when the user connects.

If you specify in the /Link selection -> Use probing Link probing. Link redundancy mode/ menu and select two interfaces of providers. The client's configuration includes the internal gateway address, instead of those specified in the settings.

If you specify the address of one provider, the client connects.

How do we make the configuration work?


1. Setup one ISP - worked

Screenshot_1.jpg

2. Setup two ISP - not worked

Screenshot_2.jpg

3. Change Visitor Mode port to 8080

Screenshot_3.jpg

4. Configure ISP Redundancy

Screenshot_4.jpg

0 Kudos
2 Replies
_Val_
Admin
Admin

1. Do not use ongoing probing

2. Make sure probing is actually allowed on the FW via policy

3. Finally, 443 should still work, even you have Web site set up on it. Or did you configure PAT with FW addresses on that port?

 

Zabula_Sergey
Ambassador
Ambassador

Hello Dmitry!

Could you please contact me via mail? szabula (at) checkpoint.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events