This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
sx8n20394
Explorer
Wednesday

Checkpoint VPN Scripted Install & Options

I am looking for some help with a couple of different things related to the Checkpoint VPN install. I am trying to script an install for the Checkpoint VPN but I am running into some issues and need some things clarified. Just FYI, I am familiar with the Remote Access VPN Clients for Windows Administration Guide.

1. I do not see an option in the MSI switches to install Checkpoint Mobile VPN only. I can only install the Endpoint VPN. Are there any options to just install Checkpoint Mobile for Windows?

2. Is there a huge difference between the Mobile VPN for Windows and Endpoint Security VPN if we are just running locally managed SMB spark devices? I see in the documentation it mentions an Integrated Desktop Firewall and SCV integrations with Windows Security Center. The problem is that all of the configuration for those items are done by a SmartConsole management server which we don't use.

3. Is there any way to create a configuration file or modify the MSI if we aren't using a SmartConsole management server? Everything I see references SmartConsole deployment.

I may add on to this post but these are the questions I have for now.

0 Kudos
2 Replies
G_W_Albrecht
Legend Legend
Legend
Thursday
In response to CaseyB

This is the solution - opt for SmartConsole Managed and Mobile StandAlone RA VPN client Endpoint Security VPN for Windows ! With Mobile, SmartConsole is not necessary.

See https://community.checkpoint.com/t5/Remote-Access-VPN/Changing-the-Standalone-Remote-Access-Client-f...

But you need not use the registry - in the instructions here https://sc1.checkpoint.com/documents/RemoteAccessClients_forWindows_AdminGuide/Content/Topics-RA-VPN...

 you can change  enable_firewall to false in Remote Access TTM Configuration on GW:

Description: Enable/disable desktop firewall.
Type Valid values Default value Available from Available on
string true / false / client_decide true E84 Windows, macOS

 

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top