Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Wayne_Hammond
Contributor

Checkpoint Client VPN

Hi,

 

I just configured a second CP FW as a VPN gateway in the Remote Access VPN Community.

Myself and my colleague could connect and establish VPN's on both FW1 and FW2 objects

others when connecting to FW1 were being prompted with additional logon screens, presumably for FW2 object.

how can I disable this so that we can have VPN on FW1 object and if it fails we can VPN to FW2 object?

 

Cheers

 

Wayne

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

Sounds like Secondary Connect at work here.
Did you configure MEP?
How are Site A/B connected otherwise?

0 Kudos
Wayne_Hammond
Contributor

Hi PhoneBoy,

FW1 & 2 are independent, not clustered.

With MEP set to backup, I can VPN to second FW, but cannot connect to any services via Endpoint client, but can via Capsule client.

0 Kudos
G_W_Albrecht
Legend
Legend

Look into Remote Access VPN R80.40 Administration Guide p.143ff and Attribute Sub-Category = MEP in sk75221: Remote Access TTM Configuration

0 Kudos
Wayne_Hammond
Contributor

Thanks i'll take a look

0 Kudos