Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ChoiYunSoo
Contributor

What actions are required to control the 'IP in IP' protocol at checkpoint?

Hi

 

Can Checkpoint control the 'IP in IP' protocol?

 

'IP in IP' is an IP tunneling protocol that encapsulates one IP packet in another IP packet.

And if you search IP in IP in Checkpoint, you can check the corresponding protocol in Application/Categories

 

However, the 'matched by protocol' of the protocol is icmp.

There are some things I don't know about how the 'ip in ip' protocol works, but the fact that 'matched by protocol' is icmp remains a question.

 

Checkpoint If I apply 'ip in ip' from 'applications' categories to the rule, will I be able to get the desired action?

And if there is a way to use only the service object without using the application policy, please let me know.

 

1.png

 

 

0 Kudos
4 Replies
_Val_
Admin
Admin

This should work with the default settings as shown

0 Kudos
ChoiYunSoo
Contributor

Thank you for your reply

I also think it should work normally.

However, I am suspicious that the 'Match by' protocol is displayed as icmp, so I am confused as to whether that is correct.

Is there a case for controlling the 'IP in IP' protocol at checkpoint?

 

 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Afaik 'IP in IP' protocol is only used for experimental purposes today as there are many newer possibilities to achieve tunneling available. So why would you use this in rule base ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
ChoiYunSoo
Contributor

Your answer and general explanation were very helpful. Thank you.

But the last question, 'Why would you use this in rule base?' I don't understand the intent of the question.

I would appreciate it if you could tell me what your intention was with your question.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events