This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
raquinog
Participant
‎2020-08-19 07:54 PM

Configure Client VPN on VSX

Jump to solution

I currently have a firewall with 8 virtual contexts (VSX).
On the VSX02 Firewall I have the Productive Client VPN service.
The Customer asks me to configure the other VPN Client service on other Firewall VSX07.

When I enter the Gateway VSX07, if I try to configure the Parameter of "VPN Clients >> Office Mode" in this point I can make modifications.

office_mode.png

But when I click OK to save the changes, I get the following message "Define office mode pool network for all cluster members to match the cluster definition" and I can't move forward.

office_mode_fail.png

The configuration of the current pool of the VPN Client, is assigned in each member of the cluster.

office_mode_pool.png

Can I have the VPN Client service on the same firewall but different VSXs?

Can I use the same pool as the productive VPN Client, with the new service that I am trying to configure?

How can I fix the problem?

 

0 Kudos
1 Solution

Accepted Solutions
HeikoAnkenbrand
Champion
Champion
‎2020-08-19 11:21 PM

Jump to solution

Hi @raquinog,

Follow these steps in SmartConsole:

- open Security Gateway Cluster Object
- go to Cluster Members pane - select cluster member and select Edit
- Cluster Member Properties window will open - Navigate to VPN tab
- under Office Mode for Remote Access - select or check the Box for Offer Manual Office Mode (using IP pool) option
- from the Drop down selection of Allocate IP Addresses from network select the relevant Network which is created for the purpose of Office Mode Pool
- close Cluster Member Properties window by hitting OK

>>> repeat Step for second cluster member <<<
>>> install the Security policy <<<

View solution in original post

4 Replies
HeikoAnkenbrand
Champion
Champion
‎2020-08-19 11:21 PM

Jump to solution

Hi @raquinog,

Follow these steps in SmartConsole:

- open Security Gateway Cluster Object
- go to Cluster Members pane - select cluster member and select Edit
- Cluster Member Properties window will open - Navigate to VPN tab
- under Office Mode for Remote Access - select or check the Box for Offer Manual Office Mode (using IP pool) option
- from the Drop down selection of Allocate IP Addresses from network select the relevant Network which is created for the purpose of Office Mode Pool
- close Cluster Member Properties window by hitting OK

>>> repeat Step for second cluster member <<<
>>> install the Security policy <<<

raquinog
Participant
‎2020-08-20 07:35 AM
In response to HeikoAnkenbrand

Jump to solution

Hi Heiko:

Thanks for your advice, but I tried to do it, and is the same result. I get the following message "Define office mode pool network for all cluster members to match the cluster definition"

Any other suggestion?

Can I have the VPN Client service on the same firewall but different VSXs?

JanVC
Collaborator
‎2020-08-22 01:12 AM
In response to raquinog

Jump to solution

Did you try configuring the office mode pool on the cluster and then pressing OK to push the vsx configuration and only after that re-open the VS and then configure the VPN settings?

PhoneBoy
Admin
Admin
‎2020-08-21 10:42 PM

Jump to solution

Don't think you can use the same Office Mode pool on different VSes on the same VSX cluster.
But you should be able to configure Remote Access on multiple VSes.