CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 6 of 6

Thread: Port 500 - not listening

  1. #1
    Join Date
    2005-09-30
    Posts
    12
    Rep Power
    0

    Default Port 500 - not listening

    Hi

    I'm having problems with users conencting via Securemote - in the fw logs they come in on port 500 - but then nothing happens. On the client side they get a "gateway not responding message"

    I ran netstat -an to check that the firewall is listening on Port 500 - but it isn't! What can I do to get this working again??
    thanks

  2. #2
    Join Date
    2006-01-26
    Location
    Moscow, Russia
    Posts
    704
    Rep Power
    14

    Default Re: Port 500 - not listening

    May be you need to restart vpnd (vpn drv off/on) or/and debug it (vpn debug on/off).

  3. #3
    Join Date
    2005-09-30
    Posts
    12
    Rep Power
    0

    Default Re: Port 500 - not listening

    ok

    If I do VPN DRV on - it says it is working okay.
    But if I attempt to do a VPN debug I get an error "cannot find PID of VPND". The PID file is there with a few numbers in it???

    The firewall will listen on port 500 if I enable IPSec as a windows service - but if I disable this service as per Checkpoint instructions no listening is taking place....

    thanks

  4. #4
    Join Date
    2006-01-26
    Location
    Moscow, Russia
    Posts
    704
    Rep Power
    14

    Default Re: Port 500 - not listening

    Do you use Windows platform?

    I try commands (vpn drv off/on) on my module - it's "bad" commands :) After vpn drv off/on, i have error like yours.

    Execute cprestart after that vpn debug on and check log (vpnd.elg), also see "event viewer". May be some CP services didn't start and windows log has information about errors.

  5. #5
    Join Date
    2005-09-30
    Posts
    12
    Rep Power
    0

    Default Re: Port 500 - not listening

    hi, thanks for the advice so far.
    All the services are starting ok. If we try and do a "VPN VPND" we get
    "cannot signal vpnd".

    We get no encrypted traffic at all logged - though we can see clients coming in with accepted IKE traffic on port 500 when they try and link via Securemote - but nothing happens.
    Is there an easy way to reinstall VPN-1 Pro??

  6. #6
    Join Date
    2006-01-26
    Location
    Moscow, Russia
    Posts
    704
    Rep Power
    14

    Default Re: Port 500 - not listening

    If all log is empty and you don't have another obstacles, why not. Really, may be problem with corrupted installation.

Similar Threads

  1. Port Scan showing port 264 open
    By roveer in forum Check Point UTM-1 Edge Appliances
    Replies: 7
    Last Post: 2013-03-19, 08:00
  2. Replies: 5
    Last Post: 2008-07-24, 05:29
  3. Dual port or quad port NICS in SPLAT
    By JeffN in forum Check Point SecurePlatform (SPLAT)
    Replies: 2
    Last Post: 2007-02-07, 21:50
  4. Host tried to open tcp service port, port xxxx
    By roadrunner in forum Services (TCP, UDP, ICMP, etc.)
    Replies: 0
    Last Post: 2005-08-13, 15:17
  5. Host tried to open tcp service port, port xxxx
    By Barry J. Stiefel in forum Services (TCP, UDP, ICMP, etc.)
    Replies: 0
    Last Post: 2005-08-13, 14:59

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •