CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We already have sign-ups from twelve different countries!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 7/14, 8/25, 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8.
3. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
4. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > Authentication
Reload this Page Clientless VPN
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2006-03-30
budgie69 budgie69 is offline
Junior Member
  
Join Date: 2006-03-21
Posts: 14
Rep Power: 0
budgie69 has an average reputation (10+)
Default Clientless VPN
Hi Guys

Hope you can help?


I have setup Clientless VPN

Firewall object is acting as webserver.
Clientless VPN option selected in firewall properties
Rule put in place (user[source] - firewall[destination] - https[service] - userAuth[Action]
Certificate installed on client machine
connect to gateway https://x.x.x.x.

get the following error message;
FW-1 GATEWAY at failed to connect to the www server

No drops in logs


Thanks in advance.
Reply With Quote
  #2 (permalink)  
Old 2006-04-06
maverick maverick is offline
Junior Member
  
Join Date: 2005-08-22
Posts: 13
Rep Power: 0
maverick has an average reputation (10+)
Default Re: Clientless VPN
First make sure your rule for Clientless VPN access is above your Stealth rule

Secondly, if your enforcement module is a Nokia IP appliance, you might need to change the SSL port that voyager uses to a non-standard port, so that HTTPS on TCP 443 is serviced by the SSL VPN daemon

Also check to see if their are any drops in the log on rule 0

If all else fails run a tcpdump to analyze the inbound traffic
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 19:52.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0