- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
ssl ssl
I am trying to configure Mobile Access to establish VPN over SSL; the purpose is that the user that connects through the browser (SSL Network extender) have access to the entire internal network.
At the moment it worked for me only publishing a native application (RDP) but I need it to works as the "Checkpoint Mobile Client", without publishing applications.
By the way, we are on R80, and I think we can only use "Legacy Policy" I mentioned this because if I use "Unified Access Policy" using R80.10 and R80.20 it works.
I tried this mode without success:
Any clue please?
Mobile Access Blade does not need to be enabled at all if you just want to use SNX as a VPN client.
You would configure it as if it were IPSec VPN (e.g. make sure the relevant gateway is part of the Remote Access Community and there is a rule permitting access via this community)
Make sure that SNX is enabled here:
And that Visitor Mode is enabled:
See also the docs: SSL Network Extender
Mobile Access Blade does not need to be enabled at all if you just want to use SNX as a VPN client.
You would configure it as if it were IPSec VPN (e.g. make sure the relevant gateway is part of the Remote Access Community and there is a rule permitting access via this community)
Make sure that SNX is enabled here:
And that Visitor Mode is enabled:
See also the docs: SSL Network Extender
Thank you so much Dameon, it works! using a local user.
I have a different issue, I can't log in using RADIUS authentication when I try to connect to VPN with SSL Network Extender. with Checkpoint Mobile client it works fine using RADIUS you think we need to set something else?
Error messages?
Nevermind, I created the user indicating that it will be authenticated by radius and it works properly. Thank you Dameon.
Yup, the user record has an authentication method defined in it.
That must be set correctly.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY