AnsweredAssumed Answered

Secondary connect R77.30

Question asked by Maxim Medvedev on Oct 24, 2018
Latest reply on Nov 29, 2018 by Maxim Medvedev

We need to provide access to branch resourses to remote users via VPN, now only headquarter gateway participates at remote access community.
We use CheckPointVPN E80.61 client.


As I understand Secondary Connect is what I need, the solution is:
Enabling Secondary Connect for Remote Access Clients E75.20 and above 


I found administration Guide for Secondary Connect for R80.10, I cannot find any for R77.30


Does Secondary Connect works with 77.30?


If it does, can it be set up following this steps (from R80.10 Guide):

1. Make sure the gateway has a server certificate that is signed by the internal Certificate Authority.
2. On each gateway, open the $FWDIR/conf/trac_client_1.ttm configuration file.
3. Set the :default value of automatic_mep_topology to true.
4. Find enable_secondary_connect. If you do not see this parameter, add it manually as shown here:
:enable_secondary_connect (
:gateway (
:map (
:true (true)
:false (false)
:client_decide (client_decide)
:default (true)

1. Make sure the :default value of enable_secondary_connect is true.
2. Save the file.

3. Install the policy.


Are there any other steps that need to be taken?