This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Krishna
Participant
‎2019-06-17 08:58 AM

Post-Encrypt traffic is not visible in Fw monitor. Other end FW is not receiving traffic sent by me

Below are the logs collected from the primary gateway of my firewall. In "O" the source IP is getting NATed to the NAT IP and then pre-encrypt is shown and not receiving the POST-encrpt packet.The other end firewall is not observing any traffic.

 

 

[vs_0][fw_2] eth1:i[60]: 10.140.96.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000
[vs_0][fw_2] eth1:I[60]: 10.140.96.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000
[vs_0][fw_2] eth0:o[60]: 10.140.96.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000
[vs_0][fw_2] eth0:O[60]: 10.40.112.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000
[vs_0][fw_2] eth0:e[60]: 10.40.112.6 -> 10.232.144.14 (TCP) len=60 id=42611
TCP: 40768 -> 515 .S.... seq=24587d9c ack=00000000

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2019-06-17 09:37 PM

Have you done any fw ctl debug by chance?
You might also add -p all to your fw monitor CLI.
Some fw ctl debug: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
0 Kudos
Maarten_Sjouw
Champion
Champion
‎2019-06-17 11:33 PM
In response to PhoneBoy

Really sounds like the tunnel is down, have you checked with vpn tu
Is anything showing (is it logged?) in the logs?
Regards, Maarten
0 Kudos
Krishna
Participant
‎2019-07-15 02:59 AM

The issue is interlinked with another issue(link below) and once that is resolved, this got resolved automatically.

https://community.checkpoint.com/t5/CloudGuard-IaaS/The-NAT-issue-on-CP-firewall-deployed-in-the-Azu...
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events