This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
G_W_Albrecht
Legend Legend
Legend
‎2022-03-05 02:42 AM
Jump to solution

Strangest 1590 UDP Port 47119 traffic issue

Customer has 1490 GWs as main site and remote firewalls connected by S2S VPN. He uses monitoring nodes at remote sites that every minute communicate using UDP Port 47119 with the main site. This works successfully.

Now for a new remote site, he deployed a 1590 R80.20.35 (992002613) GW instead of a 1490. S2S VPN works, but UDP Port 47119 traffic gets lost on its way to the main site. fw monitor for the source IP or fw ctl zdebug drop show nothing. Replacing the 1590 with a 1490 resolves the issue.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
‎2022-03-07 12:00 AM
Jump to solution

Cause has been found over the weekend - an internal routing issue ! The device trying to send did that to a different MAC than the 1590, and so no traffic came thru...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

7 Replies
PhoneBoy
Admin
Admin
‎2022-03-05 05:50 PM
Jump to solution

Guessing you already have a TAC case on this, right?

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-03-06 02:14 AM
In response to PhoneBoy
Jump to solution

Will be made monday - but i need a bit more information first...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
the_rock
Legend
Legend
‎2022-03-05 07:31 PM
Jump to solution

Just an idea...what if you compare the config on both 1490 and 1590 to see if there are any differences for related port number?

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-03-06 02:15 AM
In response to the_rock
Jump to solution

Both have been configured in absolutely the same way...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend
‎2022-03-06 03:45 AM
In response to G_W_Albrecht
Jump to solution

So if you filter only for that port in fw monitor, you still cant see anything?

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-03-07 12:00 AM
Jump to solution

Cause has been found over the weekend - an internal routing issue ! The device trying to send did that to a different MAC than the 1590, and so no traffic came thru...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
the_rock
Legend
Legend
‎2022-03-07 05:16 AM
In response to G_W_Albrecht
Jump to solution

Thanks for letting us know!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events