The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Remote Access with Visitor Mode set to use TCP port 444 no longer works after upgrading to R77.30
Technical Level
Solution ID
sk111974
Technical Level
Product
Endpoint Security VPN
Version
R77.30 (EOL)
OS
Gaia
Platform / Model
All
Date Created
23-Jun-2016
Last Modified
13-Aug-2019
Symptoms
If Visitor Mode (located in 'Gateway/Cluster Object > VPN Clients > Visitor Mode Configuration') is configured to use port 444 (CP_SSL_Network_Extender), it can no longer connect after upgrading to R77.30.
fw ctl zdebug drop shows traffic to port 444 dropping on rule 0.
Cause
A new implied rule in R77.30 blocks unencrypted traffic on port 444. This causes the initial connection from the Remote Access client to be dropped.
