Hi there,

I upgraded the Checkpoint R77.30 to R80.30 2-3 weeks ago. Now company wants workers to have a VPN account and can make a RDP connection to their office PC's. I had already had some" Local Users" for 3rd party and some IT workers, and the VPN was working fine.

Recent days I have some issue that, even a Mobile Access user has a Native Application rule for RDP, Checkpoint drops the RDP connection via MAB Rules.

For example a user (local user or LDAP User )connects to Mobile Access via SNX Portla and gets the Office Mode IP. Then makes the RDP connection that I allowed. But some time later (random time later) this user gets dropped by MAB rules out of nowhere. Logs say (layer_name : MAB Rules - Rule Name : Unatharized SSL Traffic). Even retrying the connection, cp keep dropping the RDP packets.

Again after some random time later, same user connects the same IP with no problem. This keeps going every day. Any the "drop" problem happens same time for various users.

I have license for 100 users so this can't be the issue, and when I check the User's Group info with "pdp monitor user ..." I see that the groups are true for the users that gets the drop logs.

I already tried sk97811 but it didn't solve the problem.

Add a new variable in Check Point Registry on Management Server - 'SNX_ALLOW_GW_TO_GW' and set its value to 1:

On Security Management Server:

[Expert@MGMT]# ckp_regedit -a SOFTWARE/CheckPoint/VPN1 SNX_ALLOW_GW_TO_GW -n 1

Any Ideas for the issue?

Regards,