This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Libin_Thomas
Contributor
‎2018-11-25 12:04 AM

Custom ports access not working after doing R80.10 upgrade

 All,

 Recently we upgraded the firewall and management to R80 .10 , all services and vpn came up but we faced issues in site to site vpn . Multiple custom port applications and voip phones were not working through site to site vpn .

HO is the checkpoint and the remote site is cyberroam , we were able to telnet the port but could not able to access the application with custom ports. we created the custom port and tried, also checked the match for any other  option as well but didn't work. 

when we reverted it back to R77.30 everything works. 

Any thoughts or inputs will be much appreciated. 

0 Kudos
Reply
4 Replies
PhoneBoy
Admin
Admin
‎2018-11-25 09:15 AM

Did you downgrade both back to R77.30?

Also some samples of the rules in question may be helpful.

Are you using App Control as well?

Also did you open a TAC case on this?

0 Kudos
Reply
Libin_Thomas
Contributor
‎2018-11-25 12:22 PM
In response to PhoneBoy

Did you downgrade both back to R77.30?p- yes we downgraded both boxes to R77.30

Also some samples of the rules in question may be helpful.

In R77.30 The working rule is

Source:Local Vpn domain network

destination :Remote vpn domain network

service :any

community :specific site to to vpn community

In R80.10 – we tried to create a specific rule with custom port on site to site vpn policy\

The custom ports are 8080,1521.avaya ports

Are you using App Control as well?- No

Also did you open a TAC case on this?- yes we opened a critical case but unfortunately TAC worked for 8 hrs and said that it was not an issue with the checkpoint .TAC mentioned that remote site (firewall cyberroam)have issues. But later when we reverted back everything worked .

.

0 Kudos
Reply
PhoneBoy
Admin
Admin
‎2018-11-25 06:10 PM
In response to Libin_Thomas

Please send me the SR in a PM.

Did you try it with service "any" in R80.10 as you had it in R77.30?

Did you try it with custom ports in R77.30?

0 Kudos
Reply
Mario_Fambach
Explorer
‎2020-01-28 03:51 AM
In response to Libin_Thomas

Hi Thomas,

did you solve your issue? I'm asking because I'm having a similar issue after upgrade the SmartCenter from R77.30 to R80.30 by one of my customers.  My customer is using VoIP from Avaya and the communication to the Avaya call manager is running thougth a vpn tunnel. Reverting back to the old R77.30 SmartCenters solves the issues with VoIP.

Thanks!

Mario

0 Kudos
Reply