This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
MTS
Participant
‎2022-01-12 10:12 PM

Is that possible to have CheckPoint gateway working like a Sock5 Proxy Server?

Hello,

 

Just find few KN related to configuring CheckPoint as a HTTP/HTTPS Proxy.

 

But would like to Proxy the DNS to end user as well, and seems Sock 5 with Firefox working well for this.

 

Might I know if CheckPoint support Sock5 also?

 

 

Thank you in advance.

0 Kudos
3 Replies
G_W_Albrecht
Legend
Legend
‎2022-01-13 12:01 AM

The reason is that using CP GWs as a proxy is mostly not a good idea at all - out of my 13 y experience i would suggest to better install a Socks5 server in the internal network ! Also look for the limitations here: sk110013: How to configure Check Point Security Gateway as HTTP/HTTPS Proxy and sk92482: Performance impact from enabling HTTP/HTTPS Proxy functionality.

CCSE CCTE CCSM SMB Specialist
0 Kudos
Timothy_Hall
Champion Champion
Champion
‎2022-01-13 05:01 AM

Agree with Gunter, configuring a Check Point gateway as an explicit HTTP/HTTPS Proxy is not a good idea.  All traffic being proxied will be unaccelerated (F2F path) and also be handled by a security server process thus slowing things down even more.  This was mentioned in my 2021 IPS/AV/ABOT Immersion video series:

proxy.png

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
genisis__
Leader Leader
Leader
‎2022-01-13 05:36 AM

I've asked this on a few occasions.  In older versions it was possible to do it apparently, but not anymore.  I know Fortigate can act as a SOCKS5 proxy.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events