Loading...
Loading...
Not possible to connect to the Standby cluster member from a non-local subnet (source and destination are not on the same subnet). ; Connecting to the Standby member from a local subnet (source and destination are on the same subnet) works as expected. ; Output of the " fw ctl zdebug drop " on the Active or on the Standby cluster member during the issue shows this drop: fw_log_drop_ex: Packet proto=6 <Source IP Address>:443 -> <IP Address of Standby Cluster Member>:<Some Port> dropped by fwchain_reject_mtu Reason: rejected;
VPN Visitor Mode is enabled, the Active / Standby cluster member rejects all traffic sent to the Standby cluster member on the Visitor Mode port. By default, VPN Visitor Mode is enabled on the TCP port 443.
Gaia
Click on a version to see all relevant bugs
Check Point Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.