Protocol Migration from Checkpoint

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Protocol Migration from Checkpoint

Not applicable

Hello,

We have some protocols defined on Checkpoint, and we are not able to traduce to PAN 4.0.

FTP_mapped is defined as Protocol 6, match SRV_REDIRECT (21,0.0.0.0,21), set r_mhandler

HTTP_mapped is defined as Protocol 6, match SRV_REDIRECT (80,0.0.0.0,80)

backweb is defined as Protocol 17, match Backweb_match

Could somebody help me?

Thanks.

1 REPLY 1

Cyber Elite
Cyber Elite

Hi

have these services been setup with a specific purpose in mind? the http_mapped and ftp_mapped are actually redirect services that would divert traffic to a predefined ip and port, but the services would look like eg. (80,10.1.1.1,87) where  port 80 is intercepted and forwarded to 10.1.1.1 on port 87 where the original destination IP should be that of the firewall

you should be able to easily reacreate this by setting up PBF to forward specific applications or NAT to do port translation

backweb is most likely a custom service, if you search your services tab it should be listed with its port information (search the UDP services)

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
  • 2147 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!