This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
OpenAware_BV_BV
Explorer
‎2019-02-12 01:15 PM

Using VPN from within local network

Hi, 

I am using the 750 appliance and have issues using VPN from within the local network. Any help is very much appreciated.

So the config is very basic. One network (and port) for wired (trusted) LAN (192.168.1.x) and one network (and port) for wireless (untrusted) LAN (192.168.2.x). The idea is that it is not allowed to connect from 2.x to 1.x. This work just fine.

However, secure clients that have Check Point Mobile installed should be able to connect from the wireless (untrusted) LAN to the wired (trusted) LAN using VPN.

For this the Incoming, Internal and VPN traffic has a #1 rule 'VPN Remote Access - * Any - * Any - Accept' defined. This however does not work out. The VPN client is dropped every few seconds and there is no way to connect to any of the 1.x addresses. 

Any ideas on how to solve this are welcome.

Kind regards,

Dave

3 Replies
Jerry
Mentor
Mentor
‎2019-02-13 06:36 AM

just wonder why do you need to have encrypted tunnel in between?

I'm struggling to understand a purpose sorry ...

Jerry
0 Kudos
OpenAware_BV_BV
Explorer
‎2019-02-17 11:19 PM
In response to Jerry

Hi Jerry, there is no absolute necessity for an encrypted tunnel. It is just a more general approach on how to connect.

Making an exception based on MAC is an alternative. However, by using the VPN option there is just one single process on how to connect and how to manage configuration (No exclusions just VPN). Encryption is included for free.

0 Kudos
PhoneBoy
Admin
Admin
‎2019-02-13 01:08 PM

What's your encryption domain?

Here's how to set it.

You should be sure to exclude the WLAN from the encryption domain.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events