Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Alejandro_Espin
Participant
Jump to solution

SSL Network Extender Legacy policy

ssl‌ ssl‌

I am trying to configure Mobile Access to establish VPN over SSL; the purpose is that the user that connects through the browser (SSL Network extender) have access to the entire internal network.

At the moment it worked for me only publishing a native application (RDP) but I need it to works as the "Checkpoint Mobile Client", without publishing applications.

By the way, we are on R80, and I think we can only use "Legacy Policy" I mentioned this because if I use "Unified Access Policy" using R80.10 and R80.20 it works.

I tried this mode without success:

Any clue please?

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

Mobile Access Blade does not need to be enabled at all if you just want to use SNX as a VPN client.

You would configure it as if it were IPSec VPN (e.g. make sure the relevant gateway is part of the Remote Access Community and there is a rule permitting access via this community)

Make sure that SNX is enabled here:

And that Visitor Mode is enabled:

See also the docs: SSL Network Extender

View solution in original post

0 Kudos
5 Replies
PhoneBoy
Admin
Admin

Mobile Access Blade does not need to be enabled at all if you just want to use SNX as a VPN client.

You would configure it as if it were IPSec VPN (e.g. make sure the relevant gateway is part of the Remote Access Community and there is a rule permitting access via this community)

Make sure that SNX is enabled here:

And that Visitor Mode is enabled:

See also the docs: SSL Network Extender

0 Kudos
Alejandro_Espin
Participant

Thank you so much Dameon, it works! using a local user.

I have a different issue, I can't log in using RADIUS authentication when I try to connect to VPN with SSL Network Extender. with Checkpoint Mobile client it works fine using RADIUS you think we need to set something else?

0 Kudos
PhoneBoy
Admin
Admin

Error messages?

0 Kudos
Alejandro_Espin
Participant

Nevermind, I created the user indicating that it will be authenticated by radius and it works properly. Thank you Dameon.

0 Kudos
PhoneBoy
Admin
Admin

Yup, the user record has an authentication method defined in it.

That must be set correctly.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events