Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

antispoofing or DNS problems?

Posted on 2008-06-24
3
Medium Priority
?
838 Views
Last Modified: 2013-11-16
Have checkpoint NG fp3 and experienced a power outage and now no VPN clients can ping or connect any internal devices even though clients are authenticated.  Clients using secure remote log "local interface address spoofing" and can't ping or get anywhere.  While secure clients can ping some internal devices and not others.  On the client side I'm handed a address and DNS server IP from the internal network, but no gateway address from the NG dhcp server(?)   How is anti-spoofing turned off on NG fp3?  thanks in advance.  
0
Comment
Question by:TriCountyIT
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
mabutterfield earned 2000 total points
ID: 21859802
Anti-spoofing is configured on the properties of the firewall object in smart dashboard.  

Goto the topology tab, and open up each interface.  You can turn anti-spoofing on and off from there.

What platform is it running on?  I've had some problems when i've lost power before that were similar to what it sounds like you're having.  

Try to uninstall the policy, then re-install it.  
0
 

Author Comment

by:TriCountyIT
ID: 21860275
Running on Linux, Client log says SecureClient failed to communicate with Policy server Firewalll at site firewall
0
 
LVL 7

Expert Comment

by:mabutterfield
ID: 21867591
On the firewall console, issue the command 'cpstat polsrv -f all'   and paste the output.

Are you getting errors in the SmartView Tracker log that correlate to a secure client failure?
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question