{"id":411,"date":"2010-04-07T15:13:02","date_gmt":"2010-04-07T15:13:02","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/2010\/04\/07\/how-do-i-create-an-ssl-vpn-on-a-checkpoint-gateway\/"},"modified":"2021-07-24T18:48:36","modified_gmt":"2021-07-24T18:48:36","slug":"how-do-i-create-an-ssl-vpn-on-a-checkpoint-gateway","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/Firewalls\/Check-Point\/how-do-i-create-an-ssl-vpn-on-a-checkpoint-gateway.html","title":{"rendered":"How do I Create an SSL VPN on a Check Point Gateway ?"},"content":{"rendered":"

 Below shows you the steps in order to create an SSL VPN on a Check Point Gateway :<\/p>\n

    \n
  1. Create a new network object<\/strong>. This will be used as the remote users IP address. Name this “net_office-mode-IPs”<\/li>\n
  2. Within the Check Point Object under Tolopogy > VPN Domain<\/strong> add your local domain.<\/li>\n
  3. Within the Check Point Object under Remote Access<\/strong> make the following changes : Enable Support Vistor Mode<\/li>\n
  4. Within the Check Point Object under Office Mode<\/strong> – Select “Allow Office Mode to all users”. Add this new network object under Manual (Allocate IP address from Network)<\/li>\n
  5. Within the Check Point Object Under <\/strong>Client VPN<\/strong> – Tick Support Clientless VPN. Under Certificate for gateway authentication select ICA_CERT.<\/li>\n
  6. Within the Check Point Object under <\/strong>SSL Clients<\/strong> – Tick the SSL Network Extender and select the ICA_CERT as the The gateway authenticates with this certificate.<\/li>\n
  7. Within the VPN community Tab<\/strong> under your Remote Access community. Add your Gateway as a paricipating gateway.<\/li>\n
  8. Within the Users Tab<\/strong> create your users and add these to a new user group.<\/li>\n
  9. Create a Rule<\/strong> for to allow access from your usergroups to your internal hosts (local encryption domain) and select your Remote Access Community.<\/li>\n<\/ol>\n

    Please Note : <\/em><\/p>\n