CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 3 of 3

Thread: crypt.def following - sk86582 - how to exclude protocols

  1. #1
    Join Date
    2017-07-10
    Posts
    10
    Rep Power
    0

    Default crypt.def following - sk86582 - how to exclude protocols

    Hi,

    Following sk86582 it's possible to exclude certain address/subnets from the ipseq vpn.

    I need to exclude 2 addresses, and exclude only ping (ICMP). Is it possible to exclude a protocol? Did not see such option in the sk.

    If it's possible please help understand how to do so.

    Thanks

  2. #2
    Join Date
    2006-03-08
    Location
    Lausanne
    Posts
    1,028
    Rep Power
    14

    Default Re: crypt.def following - sk86582 - how to exclude protocols

    You can exclude certain protocols in VPN Community Advanced section. However, that would apply to all communications between both encryption domains.
    -------------

    Valeri Loukine
    CCMA, CCSM, CCSI
    http://checkpoint-master-architect.blogspot.com/

  3. #3
    Join Date
    2015-01-29
    Posts
    5
    Rep Power
    0

    Default Re: crypt.def following - sk86582 - how to exclude protocols

    Still related to this case, I have a similar issue, but with Small Business Appliance (SMB). IP1490 wich runs Gaia Embedded 77.20.70

    I need to do a IPSec VPN with WSS Blue Coat/Symantec Cloud and send only HTTP(80) and HTTPS(443) services to the tunnel.

    Its a Locally Managed and I could not find any option to exclude all other ports.

    I saw that though crypt.def file I can exclude some IP address/Networks and one IP and port together, but not a range of ports.

    Anyone know how can I do it?

    Regards.

Similar Threads

  1. What are the recommended protocols for s2s vpn today?
    By daniba in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 6
    Last Post: 2017-10-13, 16:33
  2. Can someone please explain me sk86582?
    By blason in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 14
    Last Post: 2015-09-28, 15:20
  3. R75.20 and the crypt.def file
    By SpottableJay in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 3
    Last Post: 2011-09-14, 10:48
  4. Stateful Protocols - ICMP
    By manuadoor in forum Miscellaneous
    Replies: 5
    Last Post: 2010-07-26, 11:47
  5. R62 and incorrect handling syslog and ESP protocols
    By sabyno in forum Miscellaneous
    Replies: 2
    Last Post: 2006-12-05, 05:01

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •