Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Caner_Altinel
Explorer

Mobile Access VPN - Unautharized SSL Traffic

Hi there,

I upgraded the Checkpoint R77.30 to R80.30 2-3 weeks ago. Now company wants workers to have a VPN account and can make a RDP connection to their office PC's. I had already had some" Local Users" for 3rd party and some IT workers, and the VPN was working fine.

Recent days I have some issue that, even a Mobile Access user has a Native Application rule for RDP, Checkpoint drops the RDP connection via MAB Rules.

For example a user (local user or LDAP User )connects to Mobile Access via SNX Portla and gets the Office Mode IP. Then makes the RDP connection that I allowed. But some time later (random time later) this user gets dropped by MAB rules out of nowhere. Logs say (layer_name : MAB Rules - Rule Name : Unatharized SSL Traffic). Even retrying the connection, cp keep dropping the RDP packets.

Again after some random time later, same user connects the same IP with no problem. This keeps going every day. Any the "drop" problem happens same time for various users.

I have license for 100 users so this can't be the issue, and when I check the User's Group info with "pdp monitor user ..." I see that the groups are true for the users that gets the drop logs.

 

I already tried sk97811 but it didn't solve the problem.

Add a new variable in Check Point Registry on Management Server - 'SNX_ALLOW_GW_TO_GW' and set its value to 1:

On Security Management Server:

[Expert@MGMT]# ckp_regedit -a SOFTWARE/CheckPoint/VPN1 SNX_ALLOW_GW_TO_GW -n 1

 

Any Ideas for the issue?

 

Regards,

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

Have you opened a TAC case?
0 Kudos
vigggen
Explorer

Did you ever finde a solution on this problem Caner_Altinel ?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events