PGP act as a remote VPN client open exchange mailbox thro CP-FW1

[RaymondLee]

Can anyone tell me how PGP desktop security 7.0 act as a remote VPN client to dial-in to internal LAN to open exchange 5.5 mailbox through Checkpoint Firewall-1 as VPN gateway? I preferred to use outlook express as email client and use IMAP as protocol to connect. Can PGP 7.0 also act as a VPN gateway? If so, do I need to install it as a separate NT 4.0 server within the internal LAN? What port no. PGP use in order to let it pass through Checkpoint Firewall-1?

Many thanks

 

[TheSaint]

Hi,

if you have an X.509 certificate cerver (RSA, NAI, or any other)then all you need, given that you already have Checkpoint/VPN, is emit a certificate for the remote user, have the VPN client of PGP request it and there you go, the remote user will be able to open his mailbox exactly like if he was on the lan. This arise another security threat though, is this user's workstation secure ? You have to enable some kind of personnal firewall, in he last PGP I saw there was one included with the product, I'd make sure it's correctly configured. Imagine a end user having a VPN link directly to your lan with a backorifice running !

Hoping I'm pointing you in the right direction...