This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Daniel_Kavan
Advisor
2 weeks ago
Jump to solution

Endpoint security encryption used E87.50

Re  We are using E87.50 right now.   My understanding is that if the fat client (E87.50)can't get out on certain ports it will use sslvpn (443) to get out, but if it can get out on ports ____ - not sure what they are it will use an IPSEC vpn tunnel with encyrption based on Global Properties - Remote Access - VPN authentication and encryption - Encryption algorithms - Edit

The cipher suites used if it goes the sslvpn route can be seen with cipher_uitl.

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
2 weeks ago
Jump to solution

Are you asking a question?
For the initial connection, HTTPS is used.
If the client can use IKE (UDP 500) and NAT-T (UDP 4500), they will be used, else Visitor Mode (on HTTPS) will be used.
This applies to all VPN clients except for SNX (which uses Visitor Mode by design).

View solution in original post

1 Reply
PhoneBoy
Admin
Admin
2 weeks ago
Jump to solution

Are you asking a question?
For the initial connection, HTTPS is used.
If the client can use IKE (UDP 500) and NAT-T (UDP 4500), they will be used, else Visitor Mode (on HTTPS) will be used.
This applies to all VPN clients except for SNX (which uses Visitor Mode by design).

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events