Below shows you the steps in order to create an SSL VPN on a Check Point Gateway :
- Create a new network object. This will be used as the remote users IP address. Name this “net_office-mode-IPs”
- Within the Check Point Object under Tolopogy > VPN Domain add your local domain.
- Within the Check Point Object under Remote Access make the following changes : Enable Support Vistor Mode
- Within the Check Point Object under Office Mode – Select “Allow Office Mode to all users”. Add this new network object under Manual (Allocate IP address from Network)
- Within the Check Point Object Under Client VPN – Tick Support Clientless VPN. Under Certificate for gateway authentication select ICA_CERT.
- Within the Check Point Object under SSL Clients – Tick the SSL Network Extender and select the ICA_CERT as the The gateway authenticates with this certificate.
- Within the VPN community Tab under your Remote Access community. Add your Gateway as a paricipating gateway.
- Within the Users Tab create your users and add these to a new user group.
- Create a Rule for to allow access from your usergroups to your internal hosts (local encryption domain) and select your Remote Access Community.
Please Note :
- The user will now be able to connect to your gateway via your web browser on port 443. Enter https://[gateway ip] into your browser.
- You will need to enusre that enusre your SPLAT WebUI or your IPSO Yoyger is listening on another port other the tcp/443.
Latest posts by Rick Donato (see all)
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial