Re: Checkpoint Firewall denying Explicit SSL



On Dec 7, 2007 2:25 PM, TVB NOC <tvbnoc@xxxxxxxxxxxxxxxxxxxxxx> wrote:
If I remember correctly, when I used to have these kinds of issues, I
would create an object for the device or server in question, and
associate the object to the services I would need to allow for
communication.

Try that, this will hopefully bypass the security in smart defense...
Also, when you filter in your logs to that IP address of the server, do
you see smartdefense blocking or any other denies in tracker??? (I
should have asked you that first)

We are getting an error back, when looking up the error and applying
the requested fix, it is not "fixing" the issue... ;p That was where
I ended up locating this other SK - but I can not seem to locate that.



-----Original Message-----
From: Rob Thompson [mailto:my.security.lists@xxxxxxxxx]
Sent: Friday, December 07, 2007 1:45 PM
To: TVB NOC
Cc: <
Subject: Re: Checkpoint Firewall denying Explicit SSL

On Dec 7, 2007 12:56 PM, TVB NOC <tvbnoc@xxxxxxxxxxxxxxxxxxxxxx> wrote:
Check your smart defense settings, not sure exactly the area, but
somewhere in your settings I believe you will find FTP and SSL related
configurations.

We have gone though that. We did find an article that discussed
setting the rule to "FTP_BASIC", though that didn't seem to help
either. The recommendation to set that came from Checkpoint
themselves, in regard to the error that we are receiving back from the
Firewall.


There is another area too, but I can not remember without looking at
the
dashboard... Sorry!!!

Nothing to be sorry about. Your comments are very much appreciated. :)


I will also see if I can locate your article too...

I would appreciate it. Thank you kindly. My efforts have come to be
rather fruitless...

We're actually down to the point that we are seriously considering
calling Checkpoint... :(

--
Rob




--
Rob



Relevant Pages

  • RE: Checkpoint Firewall denying Explicit SSL
    ... Also, when you filter in your logs to that IP address of the server, do ... Checkpoint Firewall denying Explicit SSL ... somewhere in your settings I believe you will find FTP and SSL related ... The recommendation to set that came from Checkpoint ...
    (Security-Basics)
  • RE: login and email problems
    ... Please carefully check settings required in my previous post and post the ... Install the RPC ping utility on the client computer and then open a command ... Microsoft CSS Online Newsgroup Support ... Leave the Default Gateway of the internal NIC blank of the server box. ...
    (microsoft.public.windows.server.sbs)
  • Re: Monitoring and Alerts
    ... Relay settings for Exchange SMTP Virtual Server: ... we pursue the performance alerts issue further. ... | Subject: Re: Monitoring and Alerts ...
    (microsoft.public.windows.server.sbs)
  • Re: User-Specific Settings
    ... clear statement from the vendor that running ACT! ... Server is *not* supported. ... it would explain why changes in settings are not preserved. ... MCSE, CCEA, Microsoft MVP - Terminal Server ...
    (microsoft.public.win2000.termserv.apps)
  • Re: All remote access stopped ?
    ... Server 2003 Remote Web Workplace ... Microsoft CSS Online Newsgroup Support ... <Firewall Settings on lefthand side, Advanced settings, Under attack ...
    (microsoft.public.windows.server.sbs)