This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
CEEJAY
Contributor
a week ago

Connected to SNX, but cannot reach internal network (server)

Hello, I am encountering an issue regarding Check Point SNX (Network Mode). I can successfully connect to SNX and get an Office Mode IP, but when I tried to ping the server and access web app in my internal network, it does not work. Does VPN Domain has something to do with this? The only policy I created is in the Mobile Access Policy by creating a Native Application and editing the targeted server. 

0 Kudos
7 Replies
emmap
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
a week ago

What do you see in the traffic logs?

0 Kudos
CEEJAY
Contributor
a week ago
In response to emmap

From the logs, I think it was being dropped by the clean up rule, but I tried to add a rule src:office mode ip | dst: the server and lan | services: any | action: accept but still cannot reach the server or other resources in the lan.

0 Kudos
emmap
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
Tuesday
In response to CEEJAY

Under Mobile Access in your gateway, is it configured to use Legacy policy or Unified policy? And where did you set up the access? 

0 Kudos
CEEJAY
Contributor
Tuesday
In response to emmap

It is configured to use legacy policy. What do you mean where did i set up the access? 

0 Kudos
emmap
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
Tuesday
In response to CEEJAY

Where did you add the access configuration? If your gateway is set to legacy policy then you'll need to add the access configuration in the old Mobile Access policy to allow SNX to connect into network resources.

0 Kudos
CEEJAY
Contributor
Tuesday
In response to emmap

the clusterXL is running with R82 version, the rule base for mobile access is now accessible thru smart console, that is where I confgured the access rule.

0 Kudos
emmap
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
Tuesday
In response to CEEJAY

Yes but when the gateway is configured to use the Legacy policy, you have to configure the access through the old Mobile Access GUI in the Shared Policy section. If you want it integrated into the main access policy you have to change the gateway to use Unified policy.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events