This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Alejandro_Espin
Participant
‎2019-01-02 04:55 PM
Jump to solution

SSL Network Extender Legacy policy

ssl‌ ssl‌

I am trying to configure Mobile Access to establish VPN over SSL; the purpose is that the user that connects through the browser (SSL Network extender) have access to the entire internal network.

At the moment it worked for me only publishing a native application (RDP) but I need it to works as the "Checkpoint Mobile Client", without publishing applications.

By the way, we are on R80, and I think we can only use "Legacy Policy" I mentioned this because if I use "Unified Access Policy" using R80.10 and R80.20 it works.

I tried this mode without success:

Any clue please?

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2019-01-02 05:43 PM
Jump to solution

Mobile Access Blade does not need to be enabled at all if you just want to use SNX as a VPN client.

You would configure it as if it were IPSec VPN (e.g. make sure the relevant gateway is part of the Remote Access Community and there is a rule permitting access via this community)

Make sure that SNX is enabled here:

And that Visitor Mode is enabled:

See also the docs: SSL Network Extender

View solution in original post

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2019-01-02 05:43 PM
Jump to solution

Mobile Access Blade does not need to be enabled at all if you just want to use SNX as a VPN client.

You would configure it as if it were IPSec VPN (e.g. make sure the relevant gateway is part of the Remote Access Community and there is a rule permitting access via this community)

Make sure that SNX is enabled here:

And that Visitor Mode is enabled:

See also the docs: SSL Network Extender

0 Kudos
Alejandro_Espin
Participant
‎2019-01-02 07:22 PM
In response to PhoneBoy
Jump to solution

Thank you so much Dameon, it works! using a local user.

I have a different issue, I can't log in using RADIUS authentication when I try to connect to VPN with SSL Network Extender. with Checkpoint Mobile client it works fine using RADIUS you think we need to set something else?

0 Kudos
PhoneBoy
Admin
Admin
‎2019-01-02 08:22 PM
In response to Alejandro_Espin
Jump to solution

Error messages?

0 Kudos
Alejandro_Espin
Participant
‎2019-01-03 09:28 AM
In response to PhoneBoy
Jump to solution

Nevermind, I created the user indicating that it will be authenticated by radius and it works properly. Thank you Dameon.

0 Kudos
PhoneBoy
Admin
Admin
‎2019-01-03 10:02 AM
In response to Alejandro_Espin
Jump to solution

Yup, the user record has an authentication method defined in it.

That must be set correctly.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫