Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
lucag74
Explorer
Jump to solution

Remote access client and local resource

Scenario

Notebook With client Endpoint Security --> Checkpoint Quantum Spark 1530 Appliance 

Notebook connect to Checkpoint all fine, he can see the entire LAN network, i used office mode. All fine.

What i need is a bidirectional comunication. Pc on lan network to have access to one port listening on notebook.

It's possible ?

Thank's

 

 

0 Kudos
2 Solutions

Accepted Solutions
G_W_Albrecht
Legend
Legend

You need to additionally enable Back Connections in Advanced Settings:

backc.png

CCSE CCTE CCSM SMB Specialist

View solution in original post

0 Kudos
(1)
PhoneBoy
Admin
Admin

For a centrally managed SMB appliance (or for non-SMB appliances), this is the correct setting in Global Properties to allow connections initiated from the LAN to Remote Access VPN clients:

image.png

View solution in original post

0 Kudos
(1)
14 Replies
_Val_
Admin
Admin

You can pit Office Mode IP for a specific user, and then yes, you can do what you need

0 Kudos
lucag74
Explorer

OK i put in office mode, i edited file ipassignement.conf and when i connect i receive correct ip address. Do i need to make something other  because still not working.

Sorry for newbie question i'm following the user manual.

 

0 Kudos
G_W_Albrecht
Legend
Legend

You need to additionally enable Back Connections in Advanced Settings:

backc.png

CCSE CCTE CCSM SMB Specialist
0 Kudos
(1)
lucag74
Explorer

Hi, first thank for your answer.

Yes i had already create outgoing roule, i attach screenshot. I tried also with Any instead of Lan Networks.

However i don't rebooted checkpoint after put new ipaggnignement,conf

All work fine user always receive the same ip.

Maybe something wrong on file ?

I had put

 

##############################################################################################
### Gateway Type IP Address User Name ###
### ============= ===== ======================================== =======================###
##############################################################################################
*, 172.16.10.5, tamponi

 

0 Kudos
lucag74
Explorer

Thank's i tred to activate but nothing. 

1) Office per mode use ok

2) Outgoing roule plicy to allow lan to vpn remote access.

3) Enabled back conneccion

 i try to enable anti-spoofing on vpn remote access but nothing.

 

0 Kudos
AndréTinoco
Contributor
Contributor

Can you share the policy rule you've created?

0 Kudos
lucag74
Explorer

Sure, in attachment all my config

Policy Object

Ipassignmenet.conf

Connetion back

and Office mode

all in form of screenshot.

Sure i'm missing something !

 

 

0 Kudos
AndréTinoco
Contributor
Contributor

Ok.

In the policy, instead of using the Remote Access object, try to use the Office Mode IP/Network. 

0 Kudos
(1)
lucag74
Explorer

OK i solved the issue. My configuration work like screenshot. 

I don't know why i can't ping my remote notebook also if windows firewall it's down but for example i can access the shared folder.

The real missing puzzle for me it's what you suggest me and i report like solutions, the allow back connection.

 

0 Kudos
AndréTinoco
Contributor
Contributor

The Remote Access object could not be mapping the network correctly, but I'm glad you've worked it out.

0 Kudos
G_W_Albrecht
Legend
Legend

Can we move this to Quantum Spark ?

CCSE CCTE CCSM SMB Specialist
0 Kudos
_Val_
Admin
Admin

Why?

0 Kudos
PhoneBoy
Admin
Admin

If this were posted somewhere else, that's probably where I'd move it.
However, this deals with both topics, so I'm inclined to leave it where it is. 🙂

0 Kudos
PhoneBoy
Admin
Admin

For a centrally managed SMB appliance (or for non-SMB appliances), this is the correct setting in Global Properties to allow connections initiated from the LAN to Remote Access VPN clients:

image.png

0 Kudos
(1)

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events