This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Oliver_222
Participant
‎2024-02-20 01:27 AM

Problem with updating URLF, AC and Anti-Bot, Anti-Virus on SMB 1500 series via proxy server

 

Good afternoon

We have CheckPoint 1530 R80.20

We have detected a problem with updating URL Filtering (1), Anti-Bot, Anti-Virus (2), Application Control (3).
We have configured access to the Internet via proxy server. Screenshot of connection to http://cws.checkpoint.com (4)
I also attach other screenshots.

Can you please tell me what could be the problem?

1.png

2.png

3.png

4.png

5.png

6.png

7.png

  

 

 

 

 

 

 

       

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2024-03-01 12:44 PM

Do you see proxy traffic originating from your SMB device?
In any case, you should get the TAC involved if you haven't already.
https://help.checkpoint.com 

0 Kudos
Oliver_222
Participant
‎2024-04-12 05:45 AM
In response to PhoneBoy

Yeah, we can see the traffic in the logs
We see it on the proxy server, too.

We've filed a case with TAC, but so far no luck.

We have a strange picture: when checking via curl_cli (without specifying a proxy) the message "connection refused" comes out, also we see that the connection goes to ipv6 addresses. But ipv6 is disabled on CheckPoint, and the proxy server prioritizes ipv4.

Also we don't see any problems on the proxy server, connection to CheckPoint update servers is available.
We also tried through the proxy server from other hardware, but the result is the same.

On CheckPoint itself, Internet access is only via proxy, there are no interfaces with ISP global addresses.

There are no problems with updates on other CheckPoints with regular Internet access via ISP. Also, for example, on CheckPoint 4600 series the update through a proxy goes through. And when curl_cli is applied to ipv4 addresses.

0 Kudos
PhoneBoy
Admin
Admin
‎2024-04-12 10:46 AM
In response to Oliver_222

Send me the ticket # in PM and I'll take a look.
The only other thing I can suggest is updating to the R81.10.10 release https://support.checkpoint.com/results/sk/sk181080 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events