Create a Post
Showing results for 
Search instead for 
Did you mean: 

Sometimes unencrypted traffic to the remote access clients

Hello everyone,

I have an issue with our remote access employees.

We have employees with softphones, who connect to our phone server through Check Point Endpoint Security VPN.

I made two access rules, one for SIP traffic from RA Clients to the phone server and one for RTP (UDP/20000-25000) traffic from the server to the Remote Access Net.

Also, we have iBGP from the internal side, so I made a route on VS gateway (we have VSX) to the Remote Access Net, with the external gateway as a next-hop (to announce RA Net to BGP).

Everything works fine. But 3-4 times a day some employees don't hear a caller. I looked through logs and found out, that in such cases RTP packets don't go to the client but unencrypted go to the Internet.

What can be the problem? How to debug the issue?

Thank you!


0 Kudos
1 Reply

You're most likely in TAC ticket territory here, particularly if the same client had been receiving the RTP traffic encrypted before then it suddenly stopped working.
0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events