Checkpoint Secureremote client VPN & ISA (Full Version)

All Forums >> [ISA Server 2000 Firewall] >> VPN



Message


Guest -> Checkpoint Secureremote client VPN & ISA (2.May2002 2:09:00 PM)

Firstly I am very new to ISA and need any assistance/guidance regarding the following:

Am using checkpoint hardware firewall and VPN device and secureremote for remote users. The remote users can authenticate just fine on the VPN device but cannot access the internal network. All attempts at ping and accessing Outlook fail/timeout.

The ISA is on an SBS 2000 server with 2 network cards.

Please tell me what I need to do to get this to work (preferably step by step guide)

Many thanks in advance.
H




Kirill -> RE: Checkpoint Secureremote client VPN & ISA (3.May2002 2:12:00 AM)

Unless you are running CheckPoint NG SP1, you are out of luck for now. Please read http://www.isaserver.org/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=13;t=000326




H -> RE: Checkpoint Secureremote client VPN & ISA (14.May2002 2:07:00 PM)

HI Kirill

As I understand it the securemote client is just presented at the ext interface of ISA as an IP address (assigned by the ISP).

The securemote client has already authenticated on the Nokia firewall but I need it to be able to pass through the SBS ISA to access the int network.

I can see from the logs that the server is trying to dish out DHCP addresses which are not relevant as the securemote client already has one from the ISP during the dial up process.

The ext NIC of the SBS server is not a legal IP address.

I really don't know how to proceed so any further advice would be gratefully received. [Confused]

Thanks




Kirill -> RE: Checkpoint Secureremote client VPN & ISA (14.May2002 10:15:00 PM)

Up until 4.1 SP6 and NG FP1 CheckPoint was sending the wrong UDP packets. Authentication would work, but the actual traffic would not pass.
Please read it again for more details: http://www.isaserver.org/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=13;t=000326

By the way, SP6 is out and it works! [Big Grin]




snowdon -> RE: Checkpoint Secureremote client VPN & ISA (22.Jun.2002 2:25:00 PM)

quote:
Originally posted by Kirill:
<snip>

By the way, SP6 is out and it works! [Big Grin]

Cool, but where is it? I went to the checkpoint site, but found only SP5 and NG avail for download!
Can I use replace my current 4.1 SP3 DES with NG without too much hassle?? [Confused]




H -> RE: Checkpoint Secureremote client VPN & ISA (29.Jul.2002 5:14:00 PM)

Hi Kirill

Thanks for the update, however, we are using NAT on the Nokia and I suspect that even with SP6 it still won't work - grateful for any further thoughts.

Thanks
H




Page: [1]