This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Matlu
Advisor
‎2023-07-12 11:36 AM

Published service consumption problems.

Hello, everyone.

I am currently having a problem with accessing a web service.

We have an explicit rule that allows any Internet IP to access our published server, which has the domain name zonasegura.bn.com.pe.

The problem is that the Firewall is not processing the traffic with the explicit rule, and is sending all the traffic to the last rule of the rule base (Implicit rule).

Does anyone know how to correct this behavior?
I have a Cluster R81.10 with JHF take 87

I share images of the explicit rule, the CLEANUP rule, and the output of the command "fw ctl zdebug + drop | grep <ANY>".

IM4.pngIM3.pngIM2.pngIM1.png

Cheers. 🙂

0 Kudos
4 Replies
the_rock
Legend
Legend
‎2023-07-12 11:49 AM

Drop logs give you an answer. Its dropping on port 80, NOT 443, so you have to add port 80 to the rule. Make sure NAT is in place as well.

Andy

0 Kudos
Matlu
Advisor
‎2023-07-12 12:09 PM
In response to the_rock

The strange thing is that this service has always been consumed by the 443 (You open a browser and put the URL in https).

Suddenly the service stopped working.
Some users from the Internet report that the page takes too long to load, and others report that the same thing happens to them as to me, it just doesn't load.
 
The client tells me that this service should be consumed by the 443 and not by the 80, but in the Firewall nothing has been touched.
0 Kudos
the_rock
Legend
Legend
‎2023-07-12 12:10 PM
In response to Matlu

I would add port 80 based on what I see in the logs.

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2023-07-13 03:18 PM

Looks like the destination IP in the debug and the IP in the rule is different...maybe adjust the object OR use an FQDN Domain Object?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events