CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it yet again - That's right, the 3rd edition is here!
You can read his announcement post here.
It's a massive upgrade focusing on current versions, and well worth checking out. -E

 

Search:

Type: Posts; User: the_farrier

Search: Search took 0.00 seconds.

  1. Re: Site to Site VPN between Amazon Web Services and VSX cluster

    Unfortunately not. Deploying Checkpoint for AWS got prohibitively expensive, so we are looking at a a cheap pair of ASA's to do this rather simple job.
  2. Re: Site to Site VPN between Amazon Web Services and VSX cluster

    The external, public facing cluster address isn't a problem, we supply that when creating the VPN at the Amazon end, it's the Amazon generated local tunnel interface IP's which cause the issue. The...
  3. Re: Site to Site VPN between Amazon Web Services and VSX cluster

    Many thanks for the responses:

    https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk79700

    Confirms the lack of VTI support in VSX, which...
  4. Site to Site VPN between Amazon Web Services and VSX cluster

    I'm trying to get a site-to-site VPN set-up between my clustered VSX 12600's and an Amazon Web Services VPC. Following the instructions from Checkpoint it appears I need to configure two route based...
  5. Replies
    1
    Views
    1,798

    Re: Nokia Network Voyager and Microsoft NPS

    Well, I guess Microsoft NPS isn't the most popular RADIUS server out there! To approach this problem from a different angle has anyone managed to get Nokia appliances authenticating with any RADIUS...
  6. Replies
    1
    Views
    1,798

    Nokia Network Voyager and Microsoft NPS

    Has anyone managed to get admin access to Network Voyager using Microsoft's NPS for RADIUS authentication? I have set it all up as per this document:
    ...
  7. Replies
    4
    Views
    2,490

    Re: ICMP Destination Unreachable

    Just to finish this one off. Setting the MSS to 1300 on the Cisco router solved all the issues. Return traffic from the proxy was never bigger than 1300, so never needed fragmenting and was never...
  8. Replies
    4
    Views
    2,490

    Re: ICMP Destination Unreachable

    Thanks for the response. I'll try that if setting the MSS doesn't work. I was confused by not seeing any ICMP drops coming from the firewall, however thinking more on it they will be dropped by the...
  9. Replies
    4
    Views
    2,490

    ICMP Destination Unreachable

    We are running R61 on SPLAT, I have a proxy appliance which occasionally starts sending 1500 byte packets to a remote site with the DF flag set, the firewall drops the packets as they need...
Results 1 to 9 of 9