Create a Post
Showing results for 
Search instead for 
Did you mean: 

Checkpoint as a Proxy-Block Page

I am well aware of the fact that when a user visits a "blocked" http url , CP will redirect the user to a UserCheck block page.

Can the aforementioned behavior be accomplished with HTTPs urls as well and without https inspection enabled ?


Also, provided that I configure Checkpoint as a non-transparent proxy and that I only have "HTTPs Categorize Sites" enabled, if my users visit a https web page that gets blocked by the URL filtering blade, will CP return to the user a UserCheck Block Page ?


0 Kudos
2 Replies

I dont think there is any way to have that behavior without inspection enabled, because in that case, yes, page wont work, but block notification will never come up, as there is nothing to be intercepted by the firewall, since the inspection cert that would have been presented when https inspection is on, would not be there.

0 Kudos

HTTPS Inspection must be enabled for HTTPS UserCheck pages to work as a redirect is required, which requires injecting a redirect into the connection.
That can’t be done without decrypting and reencrypting the traffic.


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events