This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Narrah_Munthali
Participant
‎2018-11-20 04:34 AM

Not able to access online payments websites with checkpoint firewall

I have configured checkpoint firewall, and having problems to access the online payment websites. All logs show that the traffic is passing through but the browser cannot display any pages. I have tried to add the policy to accept any traffic but still not able to access the sites. What can i be missing out?

4 Replies
PhoneBoy
Admin
Admin
‎2018-11-20 09:38 AM

Some concrete examples of:

  • Exact websites you were trying to access
  • Behaviors you saw (with screenshots)
  • Exact rule configuration
  • Is HTTPS Inspection enabled
  • Logs you saw
  • Any other useful information

Would be very helpful in providing you advice.

Also version of products involved (with patch levels).

0 Kudos
Narrah_Munthali
Participant
‎2018-11-20 11:07 PM
In response to PhoneBoy

Find my comments added below

1. Exact websites you were trying to access

2. Behaviors you saw (with screenshots)

All browsers are just showing TLS handshake and then times out

3. Exact rule configuration

 Screenshot attached.Policy configured

4. Is HTTPS Inspection enabled

yes it is enabled

5. Logs you saw

I have the log in TXT format and i dont have an option to attach to this message. Please share email so that i can send to you

6. Any other useful information

Running R80 with version 121. I was advised to apply the hotfix fw1_wrapper_HOTFIX_R80_10_JHF_121_SMACK_626_030_GA_FULL by the support team but did not work.

0 Kudos
PhoneBoy
Admin
Admin
‎2018-11-20 11:42 PM
In response to Narrah_Munthali

You are most likely not running R80 as this was not a gateway version, but actually R80.10 as suggested by the patch you mention.

The behavior suggests an issue negotiating HTTPS connections.

Log entries related to this might be there (particularly if HTTPS Inspection is enabled)--I would look for these.

tcpdumps of connections might also be interesting to look at.

Most likely to troubleshoot this much further, you're going to need assistance from the TAC.

Especially if they advised you to apply said patch and it didn't resolve the issue.

0 Kudos
Narrah_Munthali
Participant
‎2018-11-25 10:20 PM
In response to PhoneBoy

Thank you for the response. I have taken the issue with the TAC team.

Their response time is a bit slow but i hope they will be able to assist.

Regards

Narrah

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events