CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it yet again - That's right, the 3rd edition is here!
You can read his announcement post here.
It's a massive upgrade focusing on current versions, and well worth checking out. -E

 

Results 1 to 3 of 3

Thread: crypt.def following - sk86582 - how to exclude protocols

  1. #1
    Join Date
    2017-07-10
    Posts
    10
    Rep Power
    0

    Default crypt.def following - sk86582 - how to exclude protocols

    Hi,

    Following sk86582 it's possible to exclude certain address/subnets from the ipseq vpn.

    I need to exclude 2 addresses, and exclude only ping (ICMP). Is it possible to exclude a protocol? Did not see such option in the sk.

    If it's possible please help understand how to do so.

    Thanks

  2. #2
    Join Date
    2006-03-08
    Location
    Lausanne
    Posts
    1,030
    Rep Power
    15

    Default Re: crypt.def following - sk86582 - how to exclude protocols

    You can exclude certain protocols in VPN Community Advanced section. However, that would apply to all communications between both encryption domains.
    -------------

    Valeri Loukine
    CCMA, CCSM, CCSI
    http://checkpoint-master-architect.blogspot.com/

  3. #3
    Join Date
    2015-01-29
    Posts
    5
    Rep Power
    0

    Default Re: crypt.def following - sk86582 - how to exclude protocols

    Still related to this case, I have a similar issue, but with Small Business Appliance (SMB). IP1490 wich runs Gaia Embedded 77.20.70

    I need to do a IPSec VPN with WSS Blue Coat/Symantec Cloud and send only HTTP(80) and HTTPS(443) services to the tunnel.

    Its a Locally Managed and I could not find any option to exclude all other ports.

    I saw that though crypt.def file I can exclude some IP address/Networks and one IP and port together, but not a range of ports.

    Anyone know how can I do it?

    Regards.

Similar Threads

  1. What are the recommended protocols for s2s vpn today?
    By daniba in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 6
    Last Post: 2017-10-13, 16:33
  2. Can someone please explain me sk86582?
    By blason in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 14
    Last Post: 2015-09-28, 15:20
  3. R75.20 and the crypt.def file
    By SpottableJay in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 3
    Last Post: 2011-09-14, 10:48
  4. Stateful Protocols - ICMP
    By manuadoor in forum Miscellaneous
    Replies: 5
    Last Post: 2010-07-26, 11:47
  5. R62 and incorrect handling syslog and ESP protocols
    By sabyno in forum Miscellaneous
    Replies: 2
    Last Post: 2006-12-05, 05:01

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •