hw
Explorer

Https Inspection Bypass - checkpoint capsule connect

Hello,

we use the Checkpoint Capsule Connect Client (Cloud Firewall) with HTTPS Inspection enabled and wanted to call the URL https://www.xing.com. However, when the cloud client is connected, we can't call this URL. We only get the notification that the site is not available. When we disconnect the cloud client, we can call this URL without any problem.

So we tried to bypass this site from the HTTPS inspection (*.xing.com in the cloud portal); however, this also doesn't work. So we tried to analyse the traffic with "Fiddler" and there we see that the HTTPS handshake to www.xing.com failed, because the stream was closed.

It seems that the HTTPS bypass does not really work. Does anybody know how we can bypass the traffic to xing?

Best regards

0 Kudos
3 Replies
PhoneBoy
Admin

Recommend a TAC case.
I suspect (without having done the troubleshooting) that there is an incompatibility with TLS ciphers between this site and what is supported by the Capsule Cloud infrastructure.
In this case, the only way a bypass would work is if you bypass the site by IP address.
0 Kudos
hw
Explorer

Thanks for the answer. I will open a checkpoint case.

0 Kudos
Bekir_Aldemir2
Explorer

Not sure if you solved the issue already, but for others who may come across the same problem: Check Point Capsule Connect doesn't support IP addresses in HTTPS inspection bypass rules. The quickest way to solve this is to exclude the IP / URL from the web management interface (cloud.checkpoint.com).

0 Kudos