Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
nemesis
Explorer
Jump to solution

Remote Access with DynDNS

Hello CheckMates,


I'am trying to get Remote Access (Check Point Mobile Windows Client) working with a DynDNS address as destination. The destination Gateway is a OpenServer with R80.30.


Is there any way to get this working, I did not find anything in posts, Documents or SKs.


The VPN connection works till the IP address of the provider changed. After deleting the site in the client and reconfigure it, this also worked again. So the configuration is ok, and also the download of the topology has no affect to the destination.

To get to this point I used SK32229 to configure the Link Selection in GuiDBedit. There is also the possibility to change to DNS settings, which seems not to be supported for a gateway which is participating on RemoteAccess community. In my case this would be exactly the thing I need, but this does not worked, so I don't really understand why this is not supported for Remote Access but obviously for Site2Site VPN.

For me it look like the windows client is the "problem" because the DNS name will always be translated to IP (which is not always the best way).

Is there any way to bring the client to use DNS instead of IP, or something which I can do on Check Point side?


Thanks in advance

0 Kudos
1 Solution

Accepted Solutions
nemesis
Explorer

Thanks all for your reply.

 

I found a soloution which worked at least for Mobile Access for windows. You can configure the behavior of the client within in the trac_client_1.ttm file on the gateway.

Here you can tell the client to use DNS instead of IP, it is documentend in sk103440, i will also test if this will work for capsule connect. A first test was not that good but this could also be a network coverage problem.

 

View solution in original post

4 Replies
PhoneBoy
Admin
Admin

We do have a solution that uses DNS on the VPN client, but it’s specific to running the gateways as an Azure VMSS at the moment: https://community.checkpoint.com/t5/Remote-Access-VPN/Scalable-Remote-Access-VPN-with-CloudGuard-Iaa...
This implies there is a client (not the standard one) that allows this because, as you said, the client generally converts the DNS name to an IP address.
Maybe @Shay_Levin ot @Daniel_Goldenst can comment on more specifics about this client.
Wherher it will work in your case is a different matter.

0 Kudos
Daniel_Goldenst
Employee Alumnus
Employee Alumnus

The solution that we have developed for CloudGuard IaaS is consist of VPN End Point Client and VMSS GWs configured in Azure - This is a solution designed specifically for CloudGuard IaaS - Details can be found in the link shared by PhoneBoy.

For specific queries of VPN End Point client features and functionality you should contact the VPN End Point tean

0 Kudos
PhoneBoy
Admin
Admin

Or maybe tag @AndreiR 🙂

0 Kudos
nemesis
Explorer

Thanks all for your reply.

 

I found a soloution which worked at least for Mobile Access for windows. You can configure the behavior of the client within in the trac_client_1.ttm file on the gateway.

Here you can tell the client to use DNS instead of IP, it is documentend in sk103440, i will also test if this will work for capsule connect. A first test was not that good but this could also be a network coverage problem.

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events