Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Chinmaya_Naik
Advisor

Domain Object Configuration Query and Requirement

Hi Team,

Gateway OS Version:R80.30

Current Traffic Flow -----> CP Firewall >> Proxy >> User Machine

On Check Point Firewall only firewall blade is enable.

We only configured IP based rule on Check Point.

For a specific requirement we create a URL filtering rule on Proxy for example "abc.com" but "abc.com" is resolved multiple public IP address (Dynamic IP address).

Now creating the rule for multiple resolved IP address challenge so we create a Domain Object on Check Point.

For testing I setup a LAB.

I am create a ".checkpoint.com" Domain Object for testing but still not working. 

Also I test with Unchecked the FQDN.

1.png

 

2.png

Kindly help to resolved the issue. 

 

Regards

@Chinmaya_Naik 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

So the user is communicating to the proxy, which then forwards to the Internet thru the Check Point gateway?
Have you confirmed DNS is configured and resolving the same as the proxy?

0 Kudos
Kaspars_Zibarts
Authority
Authority

1. Is your lab user using proxy?

2. What is "win10" in your rulebase? Proxy or client?

You need to work out lab flow.

FQDN object is set correctly 

You can check what IPs gateway has learned with command line:

domains_tools -d checkpoint.com

 

 

 

 

 

 

 

0 Kudos
Chinmaya_Naik
Advisor

Hi Team,

Thanks for the suggestion yes now its working fine when I create a fresh setup with different a machine😊

@Chinmaya_Naik 

0 Kudos