This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Prabulingam_N1
Advisor
‎2018-03-30 01:13 AM

Officemode IP issue

Dear All,

Got a issue here in Officemode IP.

10.10.10.0/24 allocated for OfficePool only for RA access and not been used anywhere else.

I'm connecting thru SSLVPN (browser), got connected and received OfficeIP mode.

Now issue is if I get 10.10.10.1 or 10.2 or 10.3, then users gets connected thru SSLVPN successfullyl, but unable to reach internal resources.

The same user once disconnects and later time connects back thru SSLVPN, he gets officemode IP of 10.10.10.4 or any IP in that series (apart from 10.1 or 10.2 or 10.3) then he can reach his internal resources.

Only issue is if any user gets 10.1 or 10.2 or 10.3 - then users unable to reach internal resources.

If any Officemode IP from 10.4 or later - no issues.

Anyone can suggest for reasons please..

Regards, Prabulingam.N

4 Replies
PhoneBoy
Admin
Admin
‎2018-03-30 04:48 AM

What does a tcpdump or fw monitor say is happening in both cases?

0 Kudos
Prabulingam_N1
Advisor
‎2018-03-30 05:13 AM
In response to PhoneBoy

Dear Dameon,

Per tcpdump we could see the OfficeIP as source hitting Firewall Inf towards Destination server.

But no response, also no FW drop per fw ctl zdebug.

I will be asking customer to provide more info on fw monitor.

As of now asked customer to try changing to New OfficemodeIP pool.

I will check this further and will post it.

Regards, Prabulingam.N

Gaurav_Pandya
Advisor
‎2018-03-31 02:36 AM

Hi,

As you said traffic is hitting firewall and there is no drop (for .1, .2 & .3) then please capture the packets from firewall to internal server and also verify that traffic is hitting to target servers. So that we come to know end-to-end flow.

Prabulingam_N1
Advisor
‎2018-04-02 05:35 AM
In response to Gaurav_Pandya

Dear Gaurav,

Thanks for your input as well, Let me await from customer so that I can capture your method.

Regards, Prabu

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top