Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Wolfgang
Authority
Authority
Jump to solution

changing trac_client_1.ttm for cloud managed SMB appliances

Following sk182749 - Remote Access VPN users with Windows 11 24H2 fail to connect to VPN we have to change trac_client_1.ttm.

This is working fine with on premise environment and GAiA gateways.

But how about changing this on a SMB appliance manged via Smart1-cloud (not Spark-Management) ?

Local on the appliance but is it preserved in case of policy install?

Via TAC in Smart1-cloud ?

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend

It is present in $FWDIR/config and works the same as in GAiA - see an example in https://sc1.checkpoint.com/documents/SMB_R81.10.X/AdminGuides_Centrally_Managed/EN/Content/Topics/Co... that references sk75221.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

3 Replies
G_W_Albrecht
Legend Legend
Legend

https://support.checkpoint.com/results/sk/sk75221 says:

Remote Access VPN policy is defined on each Security Gateway, individually, using the TTM (Transform Template) files.

The Remote Access TTM file name is trac_client_1.ttm. It is located in the $FWDIR/conf directory on the Security Gateway. The file contains sets. You can edit the file using any plain-text editor. (On Windows, use Notepad to edit the file. WordPad and other word processors alter the file formatting.) To configure a parameter that does not exist in the file, create it in the plain-text editor. In order for changes in the TTM file to take effect, install the Security policy on the Security Gateway.

Important: Changes made to the trac_client_1.ttm file may not be persistent during the Security Gateway upgrades

So you change the trac_client_1.ttm on the SMB, not SMS...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Wolfgang
Authority
Authority

Thanks Guenther, we did this in the past via sk55502 - How to centrally manage the trac_client_1.ttm configuration file for Remote Access Clients This is easy and simple to deploy for more then one gateway but it's not supported for SMB.

Never changed this on a SMB gateway trac_client_1.ttm is also available on SMB appliances ?

0 Kudos
G_W_Albrecht
Legend Legend
Legend

It is present in $FWDIR/config and works the same as in GAiA - see an example in https://sc1.checkpoint.com/documents/SMB_R81.10.X/AdminGuides_Centrally_Managed/EN/Content/Topics/Co... that references sk75221.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events