Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
leangm
Contributor
Jump to solution

Need help for classify TCP/80, TCP/264 on Gateway from external

Currently on my Checkpoint gateway have service remote VPN and S2S VPN 

- remote access using Visitor Mode setting 

Can I disable port TCP/80 and TCP/264 from external when disable any impact to remote access?

Anyone can help classify?

Thanks 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

Disabling Visitor Mode means that users will be unable to configure your gateway as a VPN site.
TCP 264 can be safely disabled via: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

View solution in original post

6 Replies
the_rock
Legend
Legend

Visitor mode by default used port 443, though you dont even need visitor mode unless port 4500 is blocked for some reason.

 

https://community.checkpoint.com/t5/Remote-Access-VPN/Remote-access-without-visitor-mode-enabled/m-p...

0 Kudos
PhoneBoy
Admin
Admin

Disabling Visitor Mode means that users will be unable to configure your gateway as a VPN site.
TCP 264 can be safely disabled via: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

leangm
Contributor

Thank you all 

0 Kudos
the_rock
Legend
Legend

phoneboy is right, I forgot to mention that...you need visitor mode to even create and connect to the site for the very first time. I believe though after that, you dont technically need it.

0 Kudos
Ruan_Kotze
Advisor

Having this box checked is one of the GUI defaults CP changed in R81.  Will save me a bit of time troubleshooting with new deployments, because I always forget to tick it first time around:-)

the_rock
Legend
Legend

Been there before, I feel the "pain" 😉

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events