Checkpoint NG FP4 VPN Client using VPC

Discussion in 'Mac Apps and Mac App Store' started by avinashmaddy, Nov 6, 2003.

  1. avinashmaddy macrumors newbie

    Joined:
    Nov 6, 2003
    #1
    Hi All,

    I am Switching to 15 inch G4 PowerBook. But the last obstacle
    that I need to resolve before buying is the VPN connection (I want to be
    able to connect to my work VPN).

    My Company uses Checkpoint Firewall/VPN. However, there is no VPN client
    for Mac from Checkpoint.

    I would like to know if I get the Virtual PC with Windows 2000, if I
    will be able to connect to my office VPN.

    My office uses the following Windows based client

    Checkpoint Next Generation Feature Pack 4 (NGFP4)

    I want to know if I can run NGFP4 on VPC to connect to VPN.

    If you can provide any information regarding the above, it will be
    great.

    Thanks a lot in advance,

    Avinash
     
  2. KershMan macrumors 6502

    Joined:
    Feb 10, 2003
    Location:
    VA, USA
    #2
    Should be. I run virtually the same setup. I have VPC 6.1 and Checkpoint NG (not sure which feature pack). I can browse the company network, use Outlook, etc.

    Only problem is it is slow. Real slow. But, I don't need it for much. I am at the point now that the only thing I really need it for is my time card. We use Deltek Electronic Time which does not have a Mac client either.
     
  3. grrr223 macrumors regular

    Joined:
    Jan 17, 2002
    Location:
    Philadelphia
    #3
    Good News and Bad

    Kershman, would you PLEASE?!? provide a few more details about your VPC/Checkpoint setup? I have made some progress getting it to work, but still have a few more hurdles to jump. I am trying to access our company's terminal server through the checkpoint firewall/vpn.

    My setup:
    RCA Cable Modem
    Linksys WRT54G Wireless-G Broadband Router
    Powerbook G4 15"
    Virtual PC 6.1 running Windows XP w/ 384MB ram allocated
    Checkpoint SecuRemote

    All software (and firmware) is up to date.

    I couldn't get Checkpoint to work under Shared Networking, so Virtual PC uses Virtual Switch Networking . The benefit of this is that VPC then gets its own IP address, however, it also means that I can't use wireless due to a bug.

    Under Shared Networking, I was able to get the login window for the gateway to pop up, but then it would fail at "Exchanging keys with firewall."

    Now that is set to Virtual Switch, I am now able to successfully tunnel the the gateway (the one real victory I've had in this process).

    However, after successfully negotiating the connection with the gateway, I am unable to access the Terminal server. When I run a traceroute to the Terminal server, it times out at the gateway's IP address and never reaches the Terminal server. :(


    On the Mac side,

    Microsoft makes a Mac OS X native version of Remote Desktop Client which is actually pretty impressive in its performance. Unfortunatly, it obviously only works from within our firewall.

    I have been unsuccessful using any Mac products to login with Checkpoint:

    VPN Tracker lists Checkpoint on its list of compatible products, however, in the setup it tells you to turn off Checkpoint's authentication. HMMMMM, I know, this is a way to get through the security, let's TURN IT OFF, so that didn't work.

    I was also unsuccesful with Vaporsec.

    ANY suggestions would be GREATLY appreciated. Thank you.

    Avinashmaddy, have you had any luck on this? Did you go with the powerbook? Enjoy!
     
  4. KershMan macrumors 6502

    Joined:
    Feb 10, 2003
    Location:
    VA, USA
    #4
    I am using 10.3.2, VPC 6.1 with Windows 2000. We use Checkpoint NG. I also use the same Linksys router.

    Now, I have done nothing special to setup Checkpoint. Used to with Securemote you had to download the topology to make it work right. NG you do not have to do that.

    If you are using SecuRemote, make sure you log in the first time with the login that has access to the network topology so it can download. Then you can login with your user account.

    Next issue is you must make sure the network you run inside of your router, the Linksys, does not match the network in your office. If it does, you will be able to login in the firewall on the outside IP, but when the two networks merge everything gets confused and it doesn't work.

    Take for instance, my office is a 192.168.1.0, 192.168.2.0, and 192.168.3.0 networks. Inside my router I run 192.168.50.0 to avoid conflicts.

    Other than that, I am not sure what else I can tell you.
     
  5. grrr223 macrumors regular

    Joined:
    Jan 17, 2002
    Location:
    Philadelphia
    #5
    THANK YOU!

    I'll have to try it when I have a little more time.

    Happy New Year!!!
     
  6. grrr223 macrumors regular

    Joined:
    Jan 17, 2002
    Location:
    Philadelphia
    #6
    IT WORKS!!!

    IT WORKS!!!

    I don't know why or how, but I changed it back to Shared Networking and it just...Works.

    I have no clue why it didn't work before, but if it had, there would essentially have been no setup and no headache, I don't get it, but frankly, I don't care anymore, IT WORKS!!!

    It even works through the router, originally, I had been doing my testing with my laptop just plugged into the cable modem to eliminate that variable, WOW, this is great.


    Sooo...to answer the original poster's question.

    YES!!! you should be able to connect to your company's network using Checkpoint through Virtual PC.
     

Share This Page