This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Matlu
MVP Silver
MVP Silver
‎2025-05-30 05:49 PM
Jump to solution

Problems with INTERNET object

Hello, Mates

Have you ever had errors with FW rules, which have configured in the “Destination” column the object “INTERNET” that appears when we activate APPC+URL?

I have a few policies, but the FW does not respect the order of the rules, and goes to the implicit one which is “Clean UP” and blocks the traffic.

When I change the destination from “INTERNET” to an “ANY”, the FW starts to “respect” the order of all the rules.

For example:
Rule 1:
Source: 100.130.10.0/24
Destination: INTERNET
Services: News/Media

If I leave the rule as I just wrote it, the FW does not respect the traffic, and goes to the last rule, and everything is discarded.
The only solution I have found is to change the “INTERNET” to “ANY” and then everything works fine.

Any idea why this is happening?

I have a FW in R82 version, with active blades like “APPC,URFL, IPS, AV”.

Greetings.

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2025-05-31 04:44 PM
In response to the_rock
Jump to solution

It's expected behavior for some topologies involving bridge mode, improperly defined topology or only a single interface.

CCSM R77/R80/ELITE

View solution in original post

8 Replies
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2025-05-30 07:09 PM
Jump to solution

How is your topology defined, is 100.130.10.0/24 the actual src subnet for example a DMZ?

CCSM R77/R80/ELITE
0 Kudos
Matlu
MVP Silver
MVP Silver
‎2025-05-30 07:25 PM
In response to Chris_Atkinson
Jump to solution

Hello
My Check Point is in bridge mode.
I am not currently working the device with 'Securitys Zones'
In the topology of my Check Point object, I only have one of the interfaces referenced as EXTERNAL and the other as THIS NETWORK.

0 Kudos
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2025-05-30 07:38 PM
In response to Matlu
Jump to solution

There are existing SKs for such scenarios refer sk106319, sk152432

CCSM R77/R80/ELITE
0 Kudos
Matlu
MVP Silver
MVP Silver
‎2025-06-01 09:10 AM
In response to Chris_Atkinson
Jump to solution

Hi

My only doubt with the documents, is that there is no ‘listed’ version R81.20 and R82

Should I assume that this behavior, impacts all versions, despite not being in the document?

Thanks

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-06-01 01:08 PM
In response to Matlu
Jump to solution

That would make sense to me bro.

Andy

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-05-31 06:24 AM
In response to Matlu
Jump to solution

Ola bro,

Never had such an issue myself, you just need urlf blade enabled in the layer to use Internet object. Can you give an example? I can test it in the lab tomorrow.

Andy

0 Kudos
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2025-05-31 04:44 PM
In response to the_rock
Jump to solution

It's expected behavior for some topologies involving bridge mode, improperly defined topology or only a single interface.

CCSM R77/R80/ELITE
the_rock
MVP Gold
MVP Gold
‎2025-05-31 04:48 PM
In response to Chris_Atkinson
Jump to solution

Ah ok, makes sense.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events