This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
BrunoCiongoli
Collaborator
‎2023-08-16 10:49 AM
Jump to solution

Mobile Access Portal & FileServer

Hello mates,

We have a problem with a FileServer accesing through the mobile access portal.

 

Captura de pantalla 2023-08-16 143007.png

We have the file server as "file share" on mobile access applications and the corresponging rule. The link url is on the MAP.

We can access the File Server internally without problem

We have this problem after upgrade the cluster from R81.10 to R81.20, and this happen on both members, doesn´t matter which one is the active one. The last JHF is installed (24)

 

Thanks in advance, best regards

 

 

 

 

0 Kudos
1 Solution

Accepted Solutions
BrunoCiongoli
Collaborator
‎2023-08-17 12:23 PM
Jump to solution

The problem was solved changing the SMB version on the gateway side

All Mobile Access blade versions on Security Gateways R80.30 3.10 and R80.40 and above support SMB v2/3. The default SMB version in the newer gateways is still '1.0'

 

You can change the default SMB version running: cvpnd_settings $CVPNDIR/conf/cvpnd.C set FileShareDefaultSmbVersion "<version>"

Per Microsoft from 2016: "SMB 1.0 is deprecated. Once this is removed, systems running Windows XP or Windows Server 2003 (or older) operating systems will not be able to access file shares. SMB 1.0 has been replaced by SMB 2.0 and newer versions." Therefore, if using SMBv1 for file-sharing, users might experience issue with accessing resources. Unless drops are specifically seen in traffic capture on gateway this is a non-Check Point issue.

 

 

View solution in original post

0 Kudos
4 Replies
G_W_Albrecht
Legend Legend
Legend
‎2023-08-16 01:46 PM
Jump to solution

I would involve TAC asap...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
BrunoCiongoli
Collaborator
‎2023-08-17 12:23 PM
Jump to solution

The problem was solved changing the SMB version on the gateway side

All Mobile Access blade versions on Security Gateways R80.30 3.10 and R80.40 and above support SMB v2/3. The default SMB version in the newer gateways is still '1.0'

 

You can change the default SMB version running: cvpnd_settings $CVPNDIR/conf/cvpnd.C set FileShareDefaultSmbVersion "<version>"

Per Microsoft from 2016: "SMB 1.0 is deprecated. Once this is removed, systems running Windows XP or Windows Server 2003 (or older) operating systems will not be able to access file shares. SMB 1.0 has been replaced by SMB 2.0 and newer versions." Therefore, if using SMBv1 for file-sharing, users might experience issue with accessing resources. Unless drops are specifically seen in traffic capture on gateway this is a non-Check Point issue.

 

 

0 Kudos
D_W
Advisor
‎2023-08-17 02:16 PM
In response to BrunoCiongoli
Jump to solution

Good that you found a solution. SMBv1 is deprecated since years! Question is now WHY is it again in use in R81.20??

0 Kudos
BrunoCiongoli
Collaborator
‎2023-08-18 07:19 AM
In response to D_W
Jump to solution

Yes, I don´t know why the default SMB version in R81.20 is still '1.0' and this is not carried over from previous version because a clean install was performed

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top