This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jmedinad
Explorer
‎2025-05-10 10:12 AM

Check Point SMB 1575 Block Traffic as gateway in layer 2

 

Hi Evereyone

I have a problem with a 1575 firewall that is blocking traffic at layer 2, the firewall with IP 192.168.10.1 is the gateway for the 192.168.10.0/24 network, there is an MPLS that connects three remote sites. The router has IP 192.168.10.254. From the remote sites they do not have access to the servers on the 192.168.10.0 network, but they can ping the MPLS router and the firewall on their LAN. The firewall has static routes to the remote sites.

In the tracert from remote site the traffic stay in router IP,  but when the firewall is out from the network, the connectivity works

access servers.jpgPing Devices.jpgTopology.jpg

 

Thanks All

 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2025-05-12 10:11 AM

What exact steps did you take to configure Layer 2 on the 1575?
Do you see anything on the logs of the 1575 or even verify with a tcpdump that traffic even reaches the 1575?
What is the MPLS router’s default route here?
There is no IP on the “Internet” side of the gateway, so it’s not clear how traffic is even routed through the 1575.

0 Kudos
jmedinad
Explorer
‎2025-05-12 10:34 AM
In response to PhoneBoy

 

Hi,

I set lan network with ip 192.168.10.1, and put the static route to remote site.
I can`t see layer 2 traffic in the firewall
the default route from MPLS Router's are the 1575 (192.168.10.1)
the FW hace a public ip, the traffic come from router in the remote site to MPLS Router and send to 1575 the lan (192.168.10.0)  

0 Kudos
PhoneBoy
Admin
Admin
‎2025-05-12 03:09 PM
In response to jmedinad

"I can`t see layer 2 traffic in the firewall" by what precise methods did you attempt to verify this?
It's also not clear this is a Layer 2 configuration as that requires configuring a bridge with two or more ports.

The more information you can provide about the configuration with screenshots, if possible (redact sensitive details as necessary), the more likely we can help you.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events