Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
K_montalvo
Collaborator

Client to Site VPN r80.30

Jump to solution

Hello friends,

I would like to configure a client to site VPN on my r80.30 Security Gateway for a external contractor that would be working temporally. I would like to configure something simple, in the firewall rules i will only permit access to the internal server he would be working. If you guys have a configuration guide that can help, please share.

Thanks you all!

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

What is the main IP of your gateway object?
Is it the external IP or something else?
If it is NOT the externally reachable IP, you'll need to set the relevant IP in the Link Selection setting.

View solution in original post

11 Replies
G_W_Albrecht
Legend
Legend
K_montalvo
Collaborator

@G_W_Albrechtmany many thanks for posting that link i read it and was very informative!

K_montalvo
Collaborator

After the Remote Access VPN set up i tried to connect from Endpoint Security Client via the Security Gateway public facing IP and received the following error:"Site is not responding. You might be in hotspot environment" Can anyone guide me if there's is a setting for defining this on the Gateway or im missing something? Any help would be appreciated my friends!

0 Kudos
K_montalvo
Collaborator

@PhoneBoyBuddy can you help with this issue please, hope your well!

0 Kudos
PhoneBoy
Admin
Admin
K_montalvo
Collaborator

@PhoneBoythat did not worked for me, also tried connecting using publicip:443 its connects the first time but after disconnecting and reconnect i received the same error  i have a hotspot enviroment internally but this vpn or mobile access network its not associated with this. Just to discard i will try to disable my internal captive portal and retry. If you have any other tips i can try are very welcome.

0 Kudos
K_montalvo
Collaborator

Also want to add that Im able to connect using console VPN from Android without issues, its only using the Endpoint Security Client will try from a personal laptop to connect using the E85.40_CheckPointVPN later since im not able to install since i have to uninstall fist the Endpoint Security. The goal is to have the contractor use the E85.40_CheckPointVPN since were not going to use the Endpoint Security on his Laptop. But for internal users will be using the Endpoint Security Client to use always auto connect to enforce the traffic go through the security gateway when roaming.

0 Kudos
PhoneBoy
Admin
Admin

What is the main IP of your gateway object?
Is it the external IP or something else?
If it is NOT the externally reachable IP, you'll need to set the relevant IP in the Link Selection setting.

View solution in original post

K_montalvo
Collaborator

What is the main IP of your gateway object?-172.16.0.1
Is it the external IP or something else?External IP its reacheable in traceroute from other external network and able to connect using capsule VPN from Android. The issue is at the moment using the Endpoint Security Client,(Will try tonight connecting from the E85.40_CheckPointVPN.
If it is NOT the externally reachable IP, you'll need to set the relevant IP in the Link Selection setting._I Here included the actual configuration, will try defining that link selection soon in lunch break and will let you know.

*Also tried clientless via SSL and did not worked, attached the error:

 

0 Kudos
K_montalvo
Collaborator

Disregard the Clientless VPN error i just fix it it was not enable on the properties, i still with the Endpoint Security Client issue. (the hotspot error)

0 Kudos
K_montalvo
Collaborator

@PhoneBoyThe issue was  resolved setting the external public IP in the link selection and removing from "Apply these setting to VPN links option in the ISP redundancy page" now i will continue internal testing and prepare documentation for future references. As always many thanks for your help!

0 Kudos