CheckPoint Firewall - VSX 80.10 xlate Port Higher than 65535
01-08-2020 03:06 AM
Hey all,
I am rather new to the Check Point platform, so I am learning slowly. I am familiar with FTD and ASA, so basically I have halfway decent firewall knowledge, so now I am just trying to understand a new platform. We are having some intermittent connectivity issues to the point where users are experiencing websites that work sometimes and at other times they don't. Basically all users are going through a proxy server and that proxy server hands off to our Check Point VSX. The VSX has a NAT setup and the outside world perceives http/https coming from a single source.
What I am seeing in the logs is that occasionally I will see an Xlate NAT Source port with a value higher than 65535, and it seems to correlate to web requests that are having issues. I am seeing values on the Xlate NAT Source port of numbers like 65892 and 65734. These don't seem to make sense to me, as ports higher than 65535 wouldn't be valid on a standard source port.
Does anyone have any thoughts on this behavior?
Re: CheckPoint Firewall - VSX 80.10 xlate Port Higher than 65535
01-09-2020 01:59 AM
This seems to be a bug with CheckPoint. See the below KB article from CheckPoint.
Regards,
Vishnu Nair