CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3, 9/7.
2. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
3. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > SmartDefense
Reload this Page Cannot use skype
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2006-10-26
20100 20100 is offline
Junior Member
  
Join Date: 2006-10-18
Posts: 13
Rep Power: 0
20100 has an average reputation (10+)
Default Cannot use skype
Hi,

Since upgrading from R55 to R61, skype does not work anymore.

From the logs, it looks like Smartdefense is blocking traffic on port 443, but there is no rule number.

Traffic from the LAN to outside is allowed on port 80 and 443

I had a good look at Smartdefense, and rules for Skype is set to "monitor only. do no block"

As anyone come up with the same problem?

Thanks for your help
Reply With Quote
  #2 (permalink)  
Old 2006-10-27
northlandboy northlandboy is offline
Senior Member
  
Join Date: 2006-07-28
Location: New Zealand
Posts: 808
Rep Power: 3
northlandboy has an average reputation (10+)
Default Re: Cannot use skype
Monitor only doesn't always work as advertised.

Is there anything in the information field in the dropped traffic log entry?

Anything if you run a SmartDefense log query?

What happens if you turn off that protection altogether?
Reply With Quote
  #3 (permalink)  
Old 2006-10-30
20100 20100 is offline
Junior Member
  
Join Date: 2006-10-18
Posts: 13
Rep Power: 0
20100 has an average reputation (10+)
Default Re: Cannot use skype
Thanks you put me on the right track!

By looking at the smartdefense querry, I saw "SSLv3 malformed packets" error messages.
So, I looked further in Smartdefense and in "VPN Protocol", "SSL Enforcement", I ticked "Monitor only", and that fixed the problem.

Cheers
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 02:29.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0