This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
lcako
Participant
2 weeks ago

ACCESS Points on firewall

Hello,

i have a check point firewall SG2000.

The tipology of my network is : ISP- MIKROTIK-FIREWALL - SWITCH POE - Access point 

i have 13 access points but only two get internet from firewall , 11 not . When i connect switch poe directly into mikrotik (disconnect firewall) , i have internet on all 13 access points. When i connect firewall with switch POE and access points, i dont have internet on 11 of them. Only 2 access points get internet. What should be the problem that 2 AP get internet and 11 not.

On mikrotik if i remove firewall . ISP-mikrotik-switch poe -AP , all APS get internet 

0 Kudos
4 Replies
Don_Paterson
Advisor
Advisor
2 weeks ago

You have not shared detailed information to support a full assessment for solution advice. 

What do you see in the Check Point firewall logs?

 

 

Troubleshooting Steps:

1. Check Firewall Logs: Review the firewall logs to see if there are any blocked connections or errors related to the access points.

2. Review Firewall Rules: Go through the firewall rules and ensure that there are no rules blocking traffic to the access points.

3. Verify NAT Settings: Ensure that NAT is properly configured to allow traffic from all access points.

4. Check DHCP Settings: If the firewall is providing DHCP, make sure it is configured to assign IP addresses to all access points.

5. Test Connectivity: Use tools like ping or traceroute from the firewall to the access points to check for connectivity issues.

6. Check VLANs: Verify that there are no VLAN misconfigurations that could be affecting the access points

0 Kudos
lcako
Participant
2 weeks ago
In response to Don_Paterson

331356b0-f81e-447b-b1f7-5f4a1ed6a2ad.jpeg

4d4fa3cf-d427-462e-abf6-96040f0ef185.jpeg

0cd95365-3158-4f17-89aa-5a42aea3c990.jpeg

eeba1ce1-76b1-423b-a91c-b10daba99bfa.jpeg
I uploaded nat rule, policy , and logs. 

The Logs are from an ip of AP that doesnt take internet.

0 Kudos
the_rock
Legend
Legend
2 weeks ago
In response to lcako

Maybe try quick zdebug from expert mode of the fw and see what gives.

example:

say AP ip is 10.10.10.10

command -> fw ctl zdebug + drop | grep 10.10.10.10

Andy

0 Kudos
PhoneBoy
Admin
Admin
2 weeks ago

What troubleshooting have you done on the APs themselves?
Do they get an IP from DHCP, for instance?
If not, can you confirm with a tcpdump or similar that any traffic is being sent from those APs at all?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events