This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Maarten_Sjouw
Champion
Champion
‎2018-07-09 02:04 PM

Weird Port redirection on 1400

I'm running a 1490 (R77.20.75) centrally managed (R80.10) and have a number of NAT rules for inbound traffic.

One of them is a mail server running in a DMZ, when I want to collect my mail with IMAP or POP3, I use my external DNS name which resolves to the external IP of the FW. Running this on mobile devices should explain the why that is the external IP.

Now we are running into the problem NATting is not done, neither the destination nor the source NAT is taking place. I added an explicit NAT rule for the internal range to the external IP of the FW to be source NATted to the IP of  the GW and the destination to the DMZ server IP.

Log line shows no NAT IP's but the NAT Ruleis showing when you double click the line.

Also when we try to reach a http web page, it is redirected to the gui of the FW itself with the explicit port setup for the Management WebUI.

Anyone seen this behaviour?

Regards, Maarten
2 Replies
Maarten_Sjouw
Champion
Champion
‎2018-07-09 09:49 PM

Just after posting this and extensively searching the knowledge base, I found Gunther's list of all SMB SK's. Browsing through that list and searching for redirect I found this one:

SK100471  When trying to access a website behind a LocallyManaged 600_1100, user is redirected to Web GUI

While searching for this SK I ran into a similar SK which actually describes the problem a bit better:

SK130034  Port forwarding to a server with custom port from a different LAN is not working

Well guess what, I did a test with a Wireless network and set it as a bridged network, after working through this SK I was back in business! 

Thanks Gunther!!

Regards, Maarten
0 Kudos
Maarten_Sjouw
Champion
Champion
‎2018-07-10 03:59 AM
In response to Maarten_Sjouw

Well the story continues, We tested SK130034 as well, did not solve the issue, only removing the bridge will forward the traffic normally, when coming from internal networks.

So SK100471 was still the only solution for this problem.

Regards, Maarten

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top