Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
NG FP3 SecureRemote setup
- Thread starter mrwalsh1
- Start date
Have you created the accounts on the FW? The basic's that needs to be done are:
* Create rules to allow VPN access to your Network.
* Create your users and groups
* Define where and what VPN users can go and what services they can use.
CheckPoint has a number of documents on this, go to the downloads section of Checkpoint.com.
![[cheers]](/data/assets/smilies/cheers.gif "[cheers] [cheers]")
* Create rules to allow VPN access to your Network.
* Create your users and groups
* Define where and what VPN users can go and what services they can use.
CheckPoint has a number of documents on this, go to the downloads section of Checkpoint.com.
Same problem here, lack of documentation. Just trying to setup VPN using secure remote.
Apparently you have to have a support agreement with checkpoint to download documentation from them. A software agreement doesn't seem to get it. Asks for another password.
They have one public configuration document but it's for SecureClient. I have a pretty good manual from Syngress "Checkpoint NG" but it must be from an earlier release of NG, it doesn't match up with the Dashboard screens. )-:
Apparently you have to have a support agreement with checkpoint to download documentation from them. A software agreement doesn't seem to get it. Asks for another password.
They have one public configuration document but it's for SecureClient. I have a pretty good manual from Syngress "Checkpoint NG" but it must be from an earlier release of NG, it doesn't match up with the Dashboard screens. )-:
If you have administered CP before there are many changes. If you are defining your users by generic* this entry is not under users anymore (although if you do an in-place upgrade to FP3 it stays there). Generic* is now created under External User Profile (note verify under the personal tab the expiration date is good).
If your rulebase is traditional you will have SOURCE [some type of user], DEST [some network object(s), SERVICE [your access policy], ACTION [client encrypt].
If your rulebase is simplified you will have SOURCE [some type of user], DEST [some network object(s), VPN [this is where you define access type], SERVICE [your access policy], ACTION [accept].
good luck
If your rulebase is traditional you will have SOURCE [some type of user], DEST [some network object(s), SERVICE [your access policy], ACTION [client encrypt].
If your rulebase is simplified you will have SOURCE [some type of user], DEST [some network object(s), VPN [this is where you define access type], SERVICE [your access policy], ACTION [accept].
good luck
Hi,
If the problem that you have is getting the following error message:
"Refused Topology request. User not defined properly"
Then the problem is due not having authentication scheme defined properly on the firewall management station.
You should define a user with IKE authentication scheme (could be certificate/password)
Alon
If the problem that you have is getting the following error message:
"Refused Topology request. User not defined properly"
Then the problem is due not having authentication scheme defined properly on the firewall management station.
You should define a user with IKE authentication scheme (could be certificate/password)
Alon
- Status
Similar threads
- Locked
- Question
- Locked
- Question