- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
so you might have asymmetry,
the external GW go via the internal GW, and the reply from MGMT going directly to the external GW maybe.
bottom line, topology needs to be examined. run 'tcpdump/fw monitor' on all GWs and mgmt to understand how the traffic flows.
run fw ctl zdebug + drop on all GWs on maintenance window to see if & who drops the traffic. (reset with 'fw ctl debug 0')
consider changing the topology. if not, at least make sure all your connections from/to mgmt routed in symmetric way.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY