This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
fabionfsc
Contributor
‎2024-09-17 09:55 PM

With an automatic Hide NAT, the Firewall basically delivers the communication using the Firewall's own IP. We need to analyze who the Default Gateway of your CIFS server is, because it seems that it is not the Firewall that you are connected to via Remote Access VPN, therefore, it does not know the Office Mode network of your Firewall.

Log in to your CIFS server and check if it can ping the real IP that was assigned to you in Office Mode. The communication worked, because the Default Gateway of your CIFS server was able to communicate with the Firewall that you are connected to via Remote Access, but for some reason it cannot communicate with your real Office Mode IP.

In other words, since the Check Point Firewall stores the communications in the NAT table, when the packet is returned to the Firewall's IP, it knows your Office Mode and delivers the packet to you (with Automatic Hide NAT enabled), but the IP that arrives at the CIFS server is the Firewall's IP.

If the CIFS server is behind another Firewall, make a route on this Firewall, something like {If Destination = Office Mode, then Default Gateway = Your Office Mode Firewall IP}.

(1)
Who rated this post