Checkpoint FW-1 FP2

[Pedals]

Can any one help!

I have a problem on my firewall, where a service allows for example SMTP mail through but fails cause it is blocking on the return source port. However other SMTP connections from different servers work fine. I have also experienced this with RDP connections.

Thanks

D

 

[ChrisAC]

Checkpoint Firewall-1 is a stateful firewall and so providing that there is a legitimate connection entry for that SMTP connection then the reply traffic will be allowed through.

If you scroll along the line in the logs that shows a dropped connection you might see the reason for the drop. Eg. out of state connection, first packet was not a syn packet etc..

Chris.


**********************
Chris A.C, CCNA, CCSA
**********************

 

[Pedals]

Cheers for you response Chris,

However when I check the logs there is no information.

The latest problem I have experienced is with RDP, the rule allows connections on port 3389 however when I create an RDP connection the firewall blocks communication back on the source port.

D

 

[ChrisAC]

I have never seen this behavior on Firewall-1 and so I suspect that there is another reason. However, you really should be thinking about upgrading from FP2 to NG AI.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************