Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Explorer

CP 5100 Series R80.30 SecureRemote drops after 17secs

Hi Checkpoint,

My VPN Client SecureRemote drops after reaching 17secs of being connected. I'm Using vE80.90, vE82.40, vE82.50 client.

But when i use Endpoint VPN, no issue encountered.

May i know how to resolve this?

 

Thanks.

 

Spark

0 Kudos
7 Replies
Highlighted

Hi,
Please post this again to the Remote Access Area
https://community.checkpoint.com/t5/Remote-Access-Solutions/bd-p/remote-access
0 Kudos
Highlighted
Admin
Admin

Or you can just move it there like I did. 🙂
Highlighted
Admin
Admin

0 Kudos
Highlighted
Collaborator

Hi,

 

You can do the following to resolve the issue sk78180

 

On all involved VPN Gateways that share the same encryption domain, modify the
$FWDIR/conf/trac_client_1.ttm file:
1. Connect to CLI on the VPN Gateway.
2. Backup the current file:
[Expert@HostName]# cp $FWDIR/conf/trac_client_1.ttm $FWDIR/conf/trac_client_1.ttm_ORIGINAL
3. Modify the current file:
[Expert@HostName]# vi $FWDIR/conf/trac_client_1.ttm
from
:automatic_mep_topology (

    :gateway (
        :map (
             :false (false)
                 :true (true)
                    :client_decide
                        (client_decide)
)
:default (true)
)
)
to
:automatic_mep_topology (
      :gateway (
            :map (
              :false (false)
                    :true (true)
:client_decide (false)
)
:default (false)
)
)

 

 

Highlighted
Explorer

I've done all the steps but still not able to connect via secuRemote.

here's the scenario.

when i used the Endpoint Security client.. i got the IP range of 17x.x.x.x/24 as default IP Office mode address and I'm able to connect to site.

client version e80.90

Endpoint Security VpnEndpoint Security Vpn

but when i use the secuRemote i got the IP range of 192.168.5.x/24 my connection drops after 17secs.

securemote.PNG

client version used for secuRemote.  e80.90, e80.92 , e82.40 e82.50, e82.10 e


Thank you.

 

 

0 Kudos
Highlighted
Admin
Admin

Remember that SecuRemote doesn't provide an Office Mode address by design.
Have you configured IP Pool NAT?
I know this works as I did it recently.
See: https://community.checkpoint.com/t5/Remote-Access-Solutions/Quick-Primer-on-How-to-Configure-your-Ga...
0 Kudos
Highlighted
Explorer

I tried to use the endpoint security vpn. and its working now. i can access local area connection. but i'm not able to access tunnel going to azure. please see link to another issue.

https://community.checkpoint.com/t5/Remote-Access-VPN/Remote-access-VPN-cannot-access-Azure-Tunnel-B...

Thanks

0 Kudos