Andrey_Gl
Explorer

Exclude CPM Traffic from Implied Rules for one GW r81.10

We manage a lot of gateways through our SMS, but on one gateway there is a need to encrypt management traffic (CPM, etc.) through a tunnel. How can we configure the implied_rules.def file so that the traffic specifically to that gateway does go through the tunnel but not for others?

0 Kudos
2 Replies
Tal_Paz-Fridman
Employee

Please look at:

https://community.checkpoint.com/t5/Management/Exclude-CPM-Traffic-from-Implied-Rules/m-p/9187#M1452

 

And:

sk105719 CPMI/CPM traffic from remote SmartConsole client to the Management Server is not encrypted, but accepted by Implied Rules instead:

https://support.checkpoint.com/results/sk/sk105719

 

But as PhoneBoy wrote:

"As a general rule, it is a bad idea to force control connections through the VPN.

If your VPN goes down for any reason, getting it back up when you have no ability to manage the gateway becomes a challenge."

 

0 Kudos
Andrey_Gl
Explorer

I agree with you, but there is only one cluster of gateways and there is only one public address (the VIP address is public, and the addresses on the nodes are local), so it is not possible to manage them outside the tunnel.

0 Kudos
