JaeYoung_An
Explorer

I am curious about the policy matching logic.

Hi

 

I'm curious about Check Point's policy matching method.

Let's take an example

As shown below, sip and a custom-made udp-5060 service were included in one policy.

So which of these two ports does Check Point match on?

 

As far as I know, when the Service is Any and there is a port conflict due to the 'Match for Any' option, the match is determined randomly when installing the policy.

 

However, I cannot find any explanation as to the order in which they are matched when two conflicting ports are added to one policy.

If you know the policy matching logic or have any relevant SK, please let me know.

 

 

Have a nice day and I'll wait for your reply.

[attached screenshot: 2024-08-12_16-25-02.png]

 

3 Replies
rrbranco
Collaborator

Take a look here for VoIP:

 

https://support.checkpoint.com/results/sk/sk95369

ATRG: VoIP

 

 

Check the topology and all details. Pay extra attention to the rules according to your scenario and the ports used.

 

Special attention to the following quotation:

"Do not use this service in the same rule with the 'XXXXXX' service (because they contradict each other).
..."

Best regards

 

G_W_Albrecht
Legend

PhoneBoy
Admin

You mean one rule?
The multiple "Match for Any" rules behavior is documented: https://support.checkpoint.com/results/sk/sk150553
I assume it is similar when you add the services to the rule explicitly as well (i.e. it's random).

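To make the collision the thread is talking about concrete, here is an added example that is not part of the original thread and is not Check Point code: a small Python linter over a constructed, simplified rulebase. It flags any rule where two service objects share the same protocol and port (the case the ATRG says to avoid), and for a Service = Any rule it flags catalog objects that would compete through the "Match for Any" option. The `Service`/`Rule` classes, the `match_for_any` flag, the catalog and the sample rules are assumptions that model the behaviour discussed, not Check Point's data model, and the code does not claim to know which object the gateway actually picks; it only tells you where the pick is ambiguous.

```python
"""Constructed example: lint a simplified rulebase for service objects that
collide on protocol/port inside one rule (e.g. 'sip' and a custom udp-5060).
This is an illustrative model, not Check Point's data model or match engine."""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Service:
    name: str
    proto: str            # "tcp" or "udp"
    port: int
    match_for_any: bool   # assumed flag modelling the "Match for Any" option


@dataclass(frozen=True)
class Rule:
    number: int
    services: Tuple[Service, ...]   # empty tuple models Service = Any


Key = Tuple[str, int]


def group_by_key(services) -> Dict[Key, List[Service]]:
    """Bucket services by (proto, port); a bucket with more than one entry
    means more than one object could claim the same packet."""
    buckets: Dict[Key, List[Service]] = defaultdict(list)
    for s in services:
        buckets[(s.proto, s.port)].append(s)
    return dict(buckets)


def collisions_in_rule(rule: Rule, catalog: List[Service]) -> Dict[Key, List[Service]]:
    """Return the (proto, port) keys that more than one service object could
    claim for this rule.  For an explicit service list the candidates are the
    listed objects; for Service = Any they are every catalog object with
    match_for_any set (the situation sk150553 describes as non-deterministic)."""
    candidates = rule.services if rule.services else tuple(
        s for s in catalog if s.match_for_any)
    return {k: v for k, v in group_by_key(candidates).items() if len(v) > 1}


def lint(rules: List[Rule], catalog: List[Service]) -> List[str]:
    """One finding per ambiguous (rule, proto/port) pair."""
    findings: List[str] = []
    for r in rules:
        for (proto, port), group in sorted(collisions_in_rule(r, catalog).items()):
            names = ", ".join(s.name for s in group)
            mode = "explicit services" if r.services else "Service=Any via Match for Any"
            findings.append(f"rule {r.number}: {proto}/{port} claimed by {names} ({mode})")
    return findings


# Constructed sample objects (ports chosen to mirror the thread's question).
SIP = Service("sip", "udp", 5060, match_for_any=True)
CUSTOM_5060 = Service("udp-5060", "udp", 5060, match_for_any=True)
HTTP = Service("http", "tcp", 80, match_for_any=True)
CATALOG = [SIP, CUSTOM_5060, HTTP]

RULES = [
    Rule(1, (SIP, CUSTOM_5060)),   # both udp/5060 in one rule -> ambiguous
    Rule(2, ()),                   # Service = Any -> ambiguous via catalog flags
    Rule(3, (SIP, HTTP)),          # distinct proto/port -> no finding
]

if __name__ == "__main__":
    for line in lint(RULES, CATALOG):
        print(line)
```

Run it as a script and it reports rule 1 (explicit sip + udp-5060) and rule 2 (Service = Any with two Match-for-Any objects on udp/5060); rule 3 is clean. The practical takeaway matches the replies above: rather than relying on whichever object the gateway happens to select, keep only one service object per protocol/port in a rule, or clear Match for Any on the custom object.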
