cdooer
Participant

Restricting VPN gateway access on the public side

Hi there. Is anyone aware of a way to lock down the public-facing interface on a VPN gateway (R80.30) so that any traffic that isn’t coming from a very specific version of the Check Point Endpoint VPN is simply dropped? So no poking, no probing, etc. on ports required to be open in order for VPN to work, unless it’s coming from a legitimate client, and maybe even a specific version of the client.
I’m thinking of something similar to the User-Agent field in the header of a web request. Maybe just a pipe dream, but I thought I’d ask anyway.

0 Kudos
1 Reply
PhoneBoy
Admin

This is most likely an RFE.
You might be able to modify various .def files to change the implied rules to restrict access from a specific IP, though.
Will be something you will have to manually track with upgrades, though.

0 Kudos