This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sokrates
Explorer
yesterday

Machine and User tunnel at the same time

Hello all,
I've successfully created the machine tunnel before user login.
We use a seperate Gateway with an own site and want now to establish the machine tunnel permanent beside the user tunnel (please, don't ask me why).
I configuered the trac.defaults (machine_tunnel_after_logon STRING true GLOBAL 1), but there's the following problem:
The machine tunnel works, but the client isn't able  to connect the user tunnel. I tried to activate the option "always connected" for the machine site, but it's gray.
Connectivity Settings of Global Properties> Remote Access> Endpoint Connect are Manual.
So I have the following questions:
- Is it possible to activate always connected for the secondary site (machine) and leave the primary site (user) at manual?
- Is it necessary to change the global properties?
- What kind of effects has the change of the global properties from Manual to Configured on endpoint clients?
Thank you for any comments

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
yesterday

The normal use case for Machine Tunnel works something like this:

  • User boots computer
  • Machine tunnel is established in the background
  • Once user authenticates to Windows and logs in, VPN client terminates the Machine Tunnel and is switched to a User Tunnel

At no time is there both a User and Machine tunnel active.
Also, the User and Machine tunnel are expected to be with the same gateway (not a different one) with "Always On" configured. 

In your specific case, "Configured on Endpoint Client" would allow the checkbox for "Always On" to be configured on the client, whereas "Manual" requires the end user to activate the VPN connection.
Note that any changes to Global Properties affects ALL gateways managed under the domain.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events