This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Roy_Smith
Collaborator
‎2020-03-26 03:44 AM

RDP to VPN Clients

Hi

I have a rule to allow a LAN PC to connect to a Remote Access VPN user. The rule allows ICMP, RPC (tcp/135), RDP (tcp3389) and SCCM RC ports (tcp/2701, tcp/2702, udp/2701, udp/2702).

From the LAN PC I can successfully ping the RA VPN machine. I can also successfully telnet on port 135. In the logs I see these hitting the VPN blade and the traffic being encrypted. However, I cannot successfully telnet on ports 3389, 2701 or 2702. I see the outgoing traffic hitting the VPN blade ad being encrypted but I then also see additional log entries that hit the firewall blade and have the message "address spoofing". 

I have checked encrytion domains and routing and it all looks fine. What I don't understand is why I can ping the remote machine and telnet works for one port but does not work for other ports. Why is this traffic not being encrypted even though it is initially hitting the same rule?

Is there something specific to allow RDP or RC services over VPN? Has anyone encountered this?

Thanks
Roy

0 Kudos
2 Replies
Henrique_Sauer_
Contributor
‎2020-03-26 07:30 AM

Check if you have this enabled?

 

 

Anotação 2020-03-26 112908.png

0 Kudos
Roy_Smith
Collaborator
‎2020-03-29 09:17 AM
In response to Henrique_Sauer_

Henrique

No, that option is not enabled. I did consider it as a possibility but still not answers why it works for some ports and not other ports.

Roy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events