CheckPoint Firewall - VSX 80.10 xlate Port Higher than 65535


Hey all,

I am rather new to the checkpoint platform so I am learning slowly. I am familiar with FTD and ASA so basically I have halfway decent firewall knowledge so now I am just trying to understand a new platform. We are having some intermittent connectivity issues to the point where users are experiencing websites that work sometimes and at other times they don't. Basically all users are going through a proxy server and that proxy server hands off to our checkpoint VSX. The VSX has a NAT setup and the outside world perceives http/https coming from a single source.

What I am seeing in the logs is that occasionally I will see a Xlate NAT Source port with a value higher than 65535 and it seems to correlate to web requests that are having issues. I am seeing values on the xlate Nat Source port of numbers like 65892 and 65734. These don't seem to make sense to me as ports higher than 65535 wouldn't be valid on a standard source port.

Does anyone have any thoughts on this behavior?

Re: CheckPoint Firewall - VSX 80.10 xlate Port Higher than 65535


This seems to be a bug with CheckPoint. See the below KB article from CheckPoint.

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Regards,

Vishnu Nair
