Solved

antispoofing or DNS problems?

Posted on 2008-06-24
3
831 Views
Last Modified: 2013-11-16
Have checkpoint NG fp3 and experienced a power outage and now no VPN clients can ping or connect any internal devices even though clients are authenticated.  Clients using secure remote log "local interface address spoofing" and can't ping or get anywhere.  While secure clients can ping some internal devices and not others.  On the client side I'm handed a address and DNS server IP from the internal network, but no gateway address from the NG dhcp server(?)   How is anti-spoofing turned off on NG fp3?  thanks in advance.  
0
Comment
Question by:TriCountyIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
mabutterfield earned 500 total points
ID: 21859802
Anti-spoofing is configured on the properties of the firewall object in smart dashboard.  

Goto the topology tab, and open up each interface.  You can turn anti-spoofing on and off from there.

What platform is it running on?  I've had some problems when i've lost power before that were similar to what it sounds like you're having.  

Try to uninstall the policy, then re-install it.  
0
 

Author Comment

by:TriCountyIT
ID: 21860275
Running on Linux, Client log says SecureClient failed to communicate with Policy server Firewalll at site firewall
0
 
LVL 7

Expert Comment

by:mabutterfield
ID: 21867591
On the firewall console, issue the command 'cpstat polsrv -f all'   and paste the output.

Are you getting errors in the SmartView Tracker log that correlate to a secure client failure?
0

Featured Post

Veeam gives away 10 full conference passes

Veeam is a VMworld 2017 US & Europe Platinum Sponsor. Enter the raffle to get the full conference pass. Pass includes the admission to all general and breakout sessions, VMware Hands-On Labs, Solutions Exchange, exclusive giveaways and the great VMworld Customer Appreciation Part

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
Resolve DNS query failed errors for Exchange
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question