Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
NunoP
Explorer
Jump to solution

how to allow only newer versions of VPN client to login on the VPN

Hello Checkmates,

I have a customer which haves SCV implemented in the VPN client with some rules configured. They now want to add another layer of protection and allow only the newer versions of the Checkpoint mobile client to connect to the RA VPN.

Can you let me know how to implement this?

GAIA version is R80.40.

 

Thank you.

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

Right, the SCV method you mentioned can work in this case.
That said, it is only supported for Windows clients (Mac clients do not currently support SCV).

View solution in original post

6 Replies
NunoP
Explorer

After digging a bit about this and reading the Remote access VPN R80.40 Administration Guide, came to this script:

: (RegMonitor

                   :type (plugin)

                   :parameters (

   :keyexist ("HKEY_CURRENT_USER\SOFTWARE\CheckPoint\Mobile Access Portal Agent\")

   :string ("SOFTWARE\CheckPoint\Mobile Access Portal Agent\Version>=E84.60")

   :send_log (alert)

   :mismatchmessage ("A versao minima suportada do cliente VPN e E84.60 ")

   :end (admin)

                    )

)

Can someone share an opinion with me.

 

thank you.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Yes, you can check on Windows which RA client version is installed and disallow connection based on that.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
NunoP
Explorer

Hi,

do you mean disallowing older versions based on GPO for exemple? 

The problem is that not all laptops are on the client´s domain.

Thank you.

0 Kudos
PhoneBoy
Admin
Admin

Right, the SCV method you mentioned can work in this case.
That said, it is only supported for Windows clients (Mac clients do not currently support SCV).

Howard_Gyton
Advisor

Is there a way of disabling SCV for Mac only?  Or a VPN client that doesn't care about SCV, and here I don't refer to SSL VPN/SNX.

0 Kudos
PhoneBoy
Admin
Admin
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events