This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
StevePearson
Contributor
4 weeks ago
Jump to solution

Admin access to Spark 1555

These devices allow you to lock down admin access via the internet to specific IP addresses. The problem is, my IP address is DHCP from the ISP, so can change occasionally. In the security policy I have used a domain object pointing to my domain so the name is resolved from DNS, which is kept up to date automatically by a little docker container, which all works fine. However, the admin access only allows you to add IP addresses, not names that could be resolved.

Has anyone else had this problem and found a way round it at all?

0 Kudos
2 Solutions

Accepted Solutions
Lesley
Mentor Mentor
Mentor
4 weeks ago
Jump to solution

I think there is no way around it. You can only fill in hosts IP's and network ranges. 

As workaround you could manage the firewall via VPN client. With VPN client you will get an IP from the pool. This pool you can add as VPN range in the access list:

To set the interface sources from which administrator access is allowed

-------
If you like this post please give a thumbs up(kudo)! 🙂

View solution in original post

PhoneBoy
Admin
Admin
4 weeks ago
Jump to solution

As DNS queries can be changed by a man-in-the-midddle, we only allow fixed IPs to be configured for admin access.

View solution in original post

3 Replies
Lesley
Mentor Mentor
Mentor
4 weeks ago
Jump to solution

I think there is no way around it. You can only fill in hosts IP's and network ranges. 

As workaround you could manage the firewall via VPN client. With VPN client you will get an IP from the pool. This pool you can add as VPN range in the access list:

To set the interface sources from which administrator access is allowed

-------
If you like this post please give a thumbs up(kudo)! 🙂
StevePearson
Contributor
4 weeks ago
In response to Lesley
Jump to solution

Interesting work around thanks!

0 Kudos
PhoneBoy
Admin
Admin
4 weeks ago
Jump to solution

As DNS queries can be changed by a man-in-the-midddle, we only allow fixed IPs to be configured for admin access.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events