Soenke_Weiss1
Participant

How to disable http redirect on multiportal/visitor mode

Hello,

 

My customer is using visitor mode, so multiportal is running on the external interface. Traffic to https://pu.bl.ic.ip is dropped on multiportal correctly. All good so far. But curling http://pu.bl.ic.ip, we receive a redirect to the internal IP address like this:

master@myhost:~# curl -v -k -H "Host:" http://pu.bl.ic.ip
* Trying pu.bl.ic.ip:80...
* Connected to pu.bl.ic.ip (pu.bl.ic.ip) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.88.1
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 301 Moved Permanently
< Location: https://in.ter.nal.ip
<
* Closing connection 0

Traffic is still dropped on multiportal and port 80, all good, but:

Problem is that Nessus is reporting this as a really old IIS-related vulnerability (refer to Solved: CVE-2000-0649 Vulnerability - Check Point CheckMates), plus my customer understandably doesn't want his internal IP disclosed externally.

This is on a Spark 1900 appliance. I don't know whether it's specific to this appliance or if 'Real' GAiA has the same behaviour.

How can I disable this redirect?

Thanks,

Soenke

1 Solution

Accepted Solutions
PhoneBoy
Admin

SMB devices don't have multiportal @the_rock but they do have the redirect on port 80.
The first part of this (setting the multi_portal_allow_redirect kernel variable to zero) should fix this.
https://support.checkpoint.com/results/sk/sk165937 


4 Replies
the_rock
MVP Diamond

What does mpclient list command show?

Andy

Best,
Andy
"Have a great day and if it's not, change it"
0 Kudos
Soenke_Weiss1
Participant

Thanks PhoneBoy, this works on SMB appliances as well.

the_rock
MVP Diamond

Good to know!

Best,
Andy
"Have a great day and if it's not, change it"
0 Kudos
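Added example (not part of the original thread and not Check Point code): a small check for re-testing the gateway after setting multi_portal_allow_redirect to zero, which flags any redirect whose Location header points at a non-public IP literal, the condition Nessus reported. The function names are hypothetical, and the sample response is constructed, with 192.168.1.1 standing in for the redacted internal address.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def location_header(raw_response: bytes):
    """Return the Location header value from a raw HTTP response, or None."""
    head = raw_response.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    for line in head.split("\r\n")[1:]:           # skip the status line
        name, _, value = line.partition(":")
        if name.strip().lower() == "location":
            return value.strip()
    return None


def leaked_internal_ip(raw_response: bytes):
    """Return the non-public IP literal a redirect points at, else None."""
    location = location_header(raw_response)
    if not location:
        return None                               # no redirect, nothing disclosed
    try:
        addr = ipaddress.ip_address(urlsplit(location).hostname or "")
    except ValueError:
        return None                               # hostname or relative URL
    # not is_global covers RFC 1918, loopback, link-local and CGNAT ranges
    return None if addr.is_global else str(addr)


def probe(gateway: str, port: int = 80, timeout: float = 5.0) -> bytes:
    """Send a Host-less request, like the curl test above, and return the reply."""
    with socket.create_connection((gateway, port), timeout=timeout) as sock:
        sock.sendall(b"GET / HTTP/1.0\r\n\r\n")
        chunks = []
        while chunk := sock.recv(4096):
            chunks.append(chunk)
    return b"".join(chunks)


# Constructed sample in the shape of the response from the question.
SAMPLE_BEFORE = (b"HTTP/1.0 301 Moved Permanently\r\n"
                 b"Location: https://192.168.1.1\r\n\r\n")

if __name__ == "__main__":
    print("leaked:", leaked_internal_ip(SAMPLE_BEFORE))
```

Against your own gateway, `leaked_internal_ip(probe("pu.bl.ic.ip"))` should return None once the change is in place.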
