This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JJ
Explorer
‎2022-06-27 10:17 PM

can we block non-Hong Kong IP to connection using Endpoint Security VPN?

can we block non-Hong Kong IP to connection using Endpoint Security VPN?

i know that would be controlled by implied rules but i have tested disable in the global policy, which is no help. those traffic still can be access the gateway 

but according to sk43401 that state that "enabling certain features (e.g., Clientless VPN) will enable certain Implied Rules that cannot be disabled in SmartConsole / SmartDashboard."

do anyone know a method to solve it ?

So many thanks 

Regards,

JJ  

0 Kudos
7 Replies
Tal_Paz-Fridman
Employee
Employee
‎2022-06-27 11:48 PM

What about using Access Control Policy with Updatable Object (Negate Hong Kong):

Hong Kong Updatable Object.jpg

 

 

0 Kudos
Danny
Champion Champion
Champion
‎2022-06-27 11:54 PM
In response to Tal_Paz-Fridman

To disable specific geo locations before explicit and implied rules you would have to use SAM rules and catch the specific Geo location data from Check Point's IP2Country.csv file. So you'll have to create a little Bash script to catch the location file, grep the IP adresses from Hong Kong and block Endpoint Security VPN connections for all others.

0 Kudos
JJ
Explorer
‎2022-06-28 12:39 AM
In response to Danny

Hi Danny,

Thanks for your suggestion seems will be work, but using Bash script to catch the location file is too difficult to me to setup.

Anyway thanks for your reply.

Regards,

JJ

0 Kudos
JJ
Explorer
‎2022-06-28 12:09 AM
In response to Tal_Paz-Fridman

because of the implied rule will accepted the connection before the policy.

0 Kudos
Tal_Paz-Fridman
Employee
Employee
‎2022-06-28 12:19 AM
In response to JJ

What about changing the order of the Implied Rules in Global Properties?

0 Kudos
JJ
Explorer
‎2022-06-28 12:37 AM
In response to Tal_Paz-Fridman

actually the global properties is in grey on the accept remote access control connections, and after disable the connection still accepted by the implied rule.

so that no help.

 

 

0 Kudos
JJ
Explorer
‎2022-06-28 01:38 AM
In response to JJ

Hi All,

i had disable the implied rule as below 

 

impliedrule.JPG

 and setup the access policy as below, all problem is solved. 

accesspolicy.JPG

 so many thanks with all you guy.

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top