| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
| Hello to all, I have a problem: I can't connect to the FW with SmartDashboard. Our enterprise has 5 sites, all connected to the internet via CP FW, and all sites are in an Enterprise VPN. Between sites we allow any traffic. But on all FWs we have added a rule: Source (all sites Networks (Negate Cell)); Destination (Site FW); VPN (Any Traffic); Service (https, ssh, CPMI (Negate Cell)); Action (Drop). When I try to connect from my site to the other sites' FWs, I can connect normally via https and ssh, but SmartDashboard says: "Connection cannot be initiated. Please make sure that Server "Other site FW IP" is up and running and that you are defined as a GUI Client". My IP is added to the "GUI Clients" list. When I disable this rule, I can connect to the FW via SmartDashboard. Please help me... |
| |||
| If you are not putting the CP traffic through the VPN (which you shouldn't) and you are hide NATing your host behind your local firewall, the remote firewall will see the traffic from the external IP address of the firewall and not your local IP address. With the rule that you have in place it looks like it would drop that traffic because it's not from an internal network. My opinion is that the best way to do it would be to static NAT your MS/GUI client if you can and then allow that external IP address to go to the remote firewall IPs in a separate rule. Make sure that the Check Point traffic doesn't go through the VPN; if it does, you will have a problem getting to the remote firewalls if the VPN is ever down. |