CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it yet again - That's right, the 3rd edition is here!
You can read his announcement post here.
It's a massive upgrade focusing on current versions, and well worth checking out. -E

 

Results 1 to 2 of 2

Thread: FW and Proxy

  1. #1
    Join Date
    2017-11-29
    Posts
    1
    Rep Power
    0

    Default FW and Proxy

    Good afternoon, colleagues!

    CheckPoint (Firewall & IPS) is installed on the border with the Internet. On the LAN side, hosts on the local network and CheckPoint share the proxy server. Therefore, in the CheckPoint events in the "Source" field, the IP address (and name) of the proxy server is almost everywhere written. This is logical, but it is not suitable for us.

    Is there a solution that would allow for our allocation scheme in the "Source" field, would CheeckPoint display the IP addresses of hosts from the local network?

    Change the network location of network devices (proxy server, CheckPoint) is not possible.

    PS In the case of other IPS, I had this practice: the proxy server added the IP address of the local node in the special field of each packet, and IPS read this field, and wrote this value in the "Source" field. This is a little artificial way, yes, but it worked as it should. Is it possible to configure CheckPoint in this manner?

  2. #2
    Join Date
    2007-06-04
    Posts
    3,314
    Rep Power
    17

    Default Re: FW and Proxy

    Nearest there is for X-Forward-For header support which is there if have additional software blades such as AppCtrl/URL etc enabled. ( if you have them then the only reason for Proxy Server is whilst migrating from Proxy to Check Point Blades )

    However only works with HTTP/HTTPS traffic where the Proxy is configured to include that information.

    Changing IP of Proxy or Check Point ( and network location ) isn't going to do anything for you even if you did this as will still see the Source IP in the header of the packet as the Proxy Server.

Similar Threads

  1. Proxy
    By DaveCullen86 in forum R77.10
    Replies: 5
    Last Post: 2014-09-22, 16:39
  2. Anyone know if this can be fed from a proxy?
    By boldin in forum Data Loss Prevention Blade (DLP))
    Replies: 7
    Last Post: 2010-08-12, 07:21
  3. FW-1 Request to proxy other than next proxy
    By intehnet in forum Miscellaneous
    Replies: 0
    Last Post: 2005-12-13, 00:01
  4. Request to proxy other than next proxy resource http://proxy.foo.com
    By roadrunner in forum Content Security/Security Servers/CVP/UFP
    Replies: 0
    Last Post: 2005-08-14, 12:23

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •