This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allow Checkpoint Securemote Client through firewall

I am trying to connect to a business client who used checkpoint as their firewall and mandates that we use securemote 5.1 to connect. We are not able to get through the firewall to connect and the packet filter log does not show the particular user's ip address as dropping packets. How can I tell what ports and services need to be allowed in the network definitions?
I am allowing all IPsec traffic from the local network to any destination but that has no effect.

This thread was automatically locked due to age.

0 BAlfson over 16 years ago

I googled on secureremote ports and found:
Symptoms:
Unable to establish SecuRemote session with a remote Firewall-1 through a filtering device

Cause:
The filtering device has the following ports blocked: -TCP Port 264 -TCP Port 256 -UDP Port 259 -UDP Port 500 -Protocol 94, 50 and 51.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 bfulford over 16 years ago in reply to BAlfson

Still getting a message that the gateway cannot be contacted.

I have a rule that is allowing INTERNAL --> ANY with the IPSEC service

The IPsec service includes the following: IPsec-IKE (udp 500), IPsec-ESP (IP 50), IP 94, IPsec-AH (IP 51), UDP 259, TCP 256, TCP 264, NAT-T all allowing 1:65535 to specific port.
Cancel
Vote Up 0 Vote Down

Cancel