This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Alejandro_Espin
Participant
‎2019-01-02 04:55 PM

SSL Network Extender Legacy policy

Jump to solution

ssl‌ ssl‌

I am trying to configure Mobile Access to establish VPN over SSL; the purpose is that the user that connects through the browser (SSL Network extender) have access to the entire internal network.

At the moment it worked for me only publishing a native application (RDP) but I need it to works as the "Checkpoint Mobile Client", without publishing applications.

By the way, we are on R80, and I think we can only use "Legacy Policy" I mentioned this because if I use "Unified Access Policy" using R80.10 and R80.20 it works.

I tried this mode without success:

Any clue please?

Reply
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2019-01-02 05:43 PM

Jump to solution

Mobile Access Blade does not need to be enabled at all if you just want to use SNX as a VPN client.

You would configure it as if it were IPSec VPN (e.g. make sure the relevant gateway is part of the Remote Access Community and there is a rule permitting access via this community)

Make sure that SNX is enabled here:

And that Visitor Mode is enabled:

See also the docs: SSL Network Extender

View solution in original post

0 Kudos
Reply
5 Replies
PhoneBoy
Admin
Admin
‎2019-01-02 05:43 PM

Jump to solution

Mobile Access Blade does not need to be enabled at all if you just want to use SNX as a VPN client.

You would configure it as if it were IPSec VPN (e.g. make sure the relevant gateway is part of the Remote Access Community and there is a rule permitting access via this community)

Make sure that SNX is enabled here:

And that Visitor Mode is enabled:

See also the docs: SSL Network Extender

View solution in original post

0 Kudos
Reply
Alejandro_Espin
Participant
‎2019-01-02 07:22 PM
In response to PhoneBoy

Jump to solution

Thank you so much Dameon, it works! using a local user.

I have a different issue, I can't log in using RADIUS authentication when I try to connect to VPN with SSL Network Extender. with Checkpoint Mobile client it works fine using RADIUS you think we need to set something else?

0 Kudos
Reply
PhoneBoy
Admin
Admin
‎2019-01-02 08:22 PM
In response to Alejandro_Espin

Jump to solution

Error messages?

0 Kudos
Reply
Alejandro_Espin
Participant
‎2019-01-03 09:28 AM
In response to PhoneBoy

Jump to solution

Nevermind, I created the user indicating that it will be authenticated by radius and it works properly. Thank you Dameon.

0 Kudos
Reply
PhoneBoy
Admin
Admin
‎2019-01-03 10:02 AM
In response to Alejandro_Espin

Jump to solution

Yup, the user record has an authentication method defined in it.

That must be set correctly.

Reply