CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Results 1 to 3 of 3

Thread: BGMP/FW-1 secure remote topology requests Port 264

  1. #1
    Join Date
    2006-03-14
    Posts
    391
    Rep Power
    15

    Default BGMP/FW-1 secure remote topology requests Port 264

    Hello,
    I run a vulnerability check against the firewall and the report says the following port/service is open. How can I disable this service?

    BGMP/FW-1 secure remote topology requests Port 264

  2. #2
    Join Date
    2009-04-30
    Location
    Colorado, USA
    Posts
    2,252
    Rep Power
    15

    Default Re: BGMP/FW-1 secure remote topology requests Port 264

    The only way I know of for sure is to uncheck the VPN checkbox on the firewall object under Check Point Products (R65)/Network Security(R70) and reinstall policy. Of course this will completely disable all VPN functionality on your firewall.

    Since port 264 is used for SecureClient topology downloads, you'd think that removing the firewall from the RemoteAccess VPN community would make the firewall stop listening on this port. Nope.

  3. #3
    Join Date
    2006-03-14
    Posts
    391
    Rep Power
    15

    Default Re: BGMP/FW-1 secure remote topology requests Port 264

    I have removed this service by un-checking control connection under Global properties. How can I remove the "18264/tcp open == Check Point Internal CA Fetch CRL and User Registration Services"?
    Last edited by avilT; 2010-03-18 at 20:27.

Similar Threads

  1. Secure Client - Exempt some interfaces from topology
    By reticent in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 1
    Last Post: 2009-06-23, 23:44
  2. Secure Client Topology definition
    By ansuid in forum SecureClient/SecuRemote
    Replies: 2
    Last Post: 2007-08-16, 08:35
  3. No initial topology requests
    By bigll in forum SecureClient/SecuRemote
    Replies: 0
    Last Post: 2007-05-30, 23:28
  4. Which port to open for a SMartCenter to control a remote fw ?
    By derspot in forum Installing And Upgrading
    Replies: 3
    Last Post: 2006-12-15, 21:04
  5. remote access client IP address and port where changed?
    By Zulan in forum SecureClient/SecuRemote
    Replies: 0
    Last Post: 2006-06-21, 10:21

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •