CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Search:

Type: Posts; User: gloom

Search: Search took 0.00 seconds.

  1. Replies
    3
    Views
    1,536

    Re: sk103683 - multi domain management server

    Hello,

    thank you very much for your replays. They are very much appreciated.

    I of course know that I can change the port number of Gaia portal or disable it completely. But the question...
  2. Replies
    3
    Views
    1,536

    sk103683 - multi domain management server

    Hello,

    Can somebody confirm to me whether the patch for TLS 1.x padding vulnerability (sk103683) could also be used for MDM (R77.10)?
    The sk103683 says that this patch is intended for HTTPS...
  3. Re: Mobile Access Blade R75.20 - Main URL and aliases

    Hi,

    Unfortunately I made serious mistakes in the Description part of this thread. I have rewrote the Description part bellow.

    Description:
    When I enter in a browser URL (ALIAS URL)...
  4. Mobile Access Blade R75.20 - Main URL and aliases

    Hi,

    During my tests in lab with SSL VPN portal I found out that VPN portal is behaving in the way as I describing below. Can somebody confirm whether my understanding of the way how Internet...
  5. Replies
    7
    Views
    3,264

    Re: Abra with Mobile Access blade

    Thank you very much for your answer. I have one more question. Is this information published in publicly access document (like release notes)? Did I missed something?

    gloom
  6. Replies
    7
    Views
    3,264

    Re: Abra with Mobile Access blade

    Hi,

    I think that the problem is in some way connected to the web portal, which use the same port (tcp/443) and listen to the same url as abra needs to communicate. The reason why it works in R75...
  7. Replies
    7
    Views
    3,264

    Re: Abra with Mobile Access blade

    I have no problem with R75. Abra works also with Mobile Access.

    gloom
  8. Replies
    7
    Views
    3,264

    Re: Abra with Mobile Access blade

    Yes, abra client is unable to connect. In the abra client you can see:

    checking for network availability
    resolving site name
    retrieving site information
    checking if a client update is available...
  9. Replies
    7
    Views
    3,264

    Abra with Mobile Access blade

    Hi,

    I am testing Abra with R71.30 gateway. Everything works fine, but in case of activating Mobile Access blade, Abra stops working. Is it supported configuration running Abra with Mobile Access?...
  10. Re: Remote Access VPN with X.509 authentication and LDAP external database

    Good news. It seems that there is a solution to my problem (which I described in the first post of this thread) you can read in sk61060. The better possibility of choosing any part of user...
  11. Thread: VPN Help Request

    by gloom
    Replies
    4
    Views
    1,552

    Re: VPN Help Request

    Hi,

    does your nortel box support PPPoE or PPPoA (do not know which protocol is used in your country - we are using PPPoE)? Can your ADSL device support bridge mode? If yes, then you can put your...
  12. Replies
    1
    Views
    1,467

    Re: SecureClient on Nokia e71 ... possible?

    Hi,

    I do not know if it is possible to export certificate with private key from smartcard. I guess that it should no be possible. But if you want to authenticate your VPN access by certificate you...
  13. Replies
    2
    Views
    3,019

    Re: Smart Dashboard to ACS 5.1 TACACS

    Yes, just in lab environment. I used Cisco ACS 5.1 (5.1.0.44) and Check Point R70, R70.30 and R71.10. I did not encounter any problem. I tried to authenticate only SmartDashboard access. Do you know...
  14. Remote Access VPN with X.509 authentication and LDAP external database

    Hi all,

    I am in the middle of testing the following solution. Endpoint Connect VPN client authenticating to the R71.10 GW with X.509 certifiacate. User database is external MS LDAP server. I have...
  15. Re: Endpoint Security Client R73 + connectra R66 support

    Yes, I know but is Endpoint Security (Secure Access) Client code 100% compatible with Endpoint Connect code? Becase Secure Access is different from Endpoint Connect and I do not know whether VPN part...
  16. Endpoint Security Client R73 + connectra R66 support

    Hi all,

    Does anybody know if Endpoint Security Client R73 is supported to be used with Connectra R66.1? I have been told that it is not. Anyway, I made some tests in lab and everything worked...
  17. Thread: Dynamic VPN

    by gloom
    Replies
    3
    Views
    1,423

    Re: Dynamic VPN

    Sorry, forget the attachment.
  18. Thread: Dynamic VPN

    by gloom
    Replies
    3
    Views
    1,423

    Re: Dynamic VPN

    As I know routed based VPN is based on GRE over IPSec. ASA FW is unable to use GRE, so in my opinion you are not able to use routed based VPN with ASA. If you wish to use routed VPN you have to...
  19. Replies
    9
    Views
    2,185

    Re: Provider-1 and VSX ugprade and re-IP address

    There are of course many ways to perform an upgrade, but I would suggest the following:

    1, Use sk43922 to export whole MDS database (including administrators, smartconsole clients, global policy...
  20. Re: Upgrade from P1 R65 to P1 R70 - possible scenarios with VSX R65 gateways

    Finally I have find out the best method for migrating from P1 R65 to P1 R70.30. This method is described here: sk43922. The article describes P1 migration tools, which allow to export every P1...
  21. Re: Upgrade from P1 R65 to P1 R70 - possible scenarios with VSX R65 gateways

    Thank you very much for your comment, but are you sure about this? Because both scenario I have mentioned in my first post is described in official CP documentation. The first scenario is mentioned...
  22. Re: Upgrade from P1 R65 to P1 R70 - possible scenarios with VSX R65 gateways

    Petroman, thank you for your comment. I commpared CP_R70_High_Installationg_and_UpgradeGuide.pdf with CP_R71_Installation_and_UpgradeGuide.pdf and find out that in R71 is new possibility to perform...
  23. Upgrade from P1 R65 to P1 R70 - possible scenarios with VSX R65 gateways

    Our customer has two Provider-1 NGX R65 with HFA 40 in high availability mode (each P1 is both manager and container). The customer would like to use SmartWorkflow blade, which require to perform...
  24. Replies
    5
    Views
    2,151

    Re: SecureClient Mobile licensing

    Thak you very much for answers from everybody. I also contacted our vendor and received the following answer:

    It is possible, that this old version of SCM you were using is based on old technology...
  25. Replies
    5
    Views
    2,151

    SecureClient Mobile licensing

    Hi all,

    We upgraded our two Checkpoint firewalls (version: Secure Platform NG R55 with application intelligence HFA12). These two firewalls are configured as HA cluster. After this upgrade we...
Results 1 to 25 of 25