This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Heath_Mote
Collaborator
‎2018-03-05 08:42 AM
Jump to solution

Remote Access VPN Authentication

I'll preface this by saying we have one policy that has multiple gateways targeted and I'm wanting to configure the Remote Access VPN blade for each gateway. The confusion I have is trying to figure out why there are so many places to set the authentication. Here's what I've counted so far:

1 - Gateway properties > VPN Clients > Authentication

2 - Gateway properties > Mobile Access > Authentication

3 - User Template > Authentication

4 - Mobile Access Policy > Authentication

Why so many places to set the authentication? Also, with the multiple gateways and multiple places to set the authentication, it's very confusing. Does one take preference over the other or what...

We have R80.10 management with a mix of R80.10 and R77.30 gateways. Thanks for the help!

1 Solution

Accepted Solutions
Chris_Hoff
Contributor
‎2018-03-07 01:22 PM
Jump to solution

Basically it comes down to the fact there are several different types of remote access, and the authentication for each type can be different. To get a better grasp on the different kinds of remote access view sk67820. 

View solution in original post

0 Kudos
4 Replies
Gaurav_Pandya
Advisor
‎2018-03-06 04:16 AM
Jump to solution

Hi Heath,

If Mobile access blade is enabled on your gateway and you are using Mobile access SSL VPN then you need to configure it in Mobile Access section. For the rest remote access, you can configure in VPN Clients.

You can refer "User and Client Authentication for remote access" section from R80.10 admin guide for more clarification.

Remote Access VPN R80.10 Administration Guide 

Chris_Hoff
Contributor
‎2018-03-07 01:22 PM
Jump to solution

Basically it comes down to the fact there are several different types of remote access, and the authentication for each type can be different. To get a better grasp on the different kinds of remote access view sk67820. 

0 Kudos
Heath_Mote
Collaborator
‎2018-03-09 03:58 PM
Jump to solution

Hey guys, thanks for the posts.

Gaurav, I couldn't open your link to view it.

Chris, I did view that SK and it does list the different types of VPNs that can be used but it didn't have much on the authentications listed.

I can set the authentication in 4 different places. The first two are more understandable because those are two types of VPNs are certainly different. The 3rd is tied to a User Template...so is there some sort of precedence that takes place? The 4th is tied to the Mobile Access policy...would that override the gateway settings?

Hoping someone from CP will jump in here. Coming from the Cisco ASA background the AAA is tied to a VPN profile only in one place. I totally understand that the CP is different but just stating my background to help understand why being able to set the authentication in multiple places is confusing at least. Thanks again for the posts. 

0 Kudos
Gaurav_Pandya
Advisor
‎2018-03-09 10:45 PM
In response to Heath_Mote
Jump to solution

Ok Heath,

Just type "checkpoint r80.10 remote access admin guide" in Google and you can download Remote access VPN admin guide. There you will find "user & client authentication" section.

You will get good understanding for Remote Authentication as they have explained all possible options.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events