Checkpoint NG FP4 VPN Client using VPC

[avinashmaddy]

Hi All,

I am Switching to 15 inch G4 PowerBook. But the last obstacle
that I need to resolve before buying is the VPN connection (I want to be
able to connect to my work VPN).

My Company uses Checkpoint Firewall/VPN. However, there is no VPN client
for Mac from Checkpoint.

I would like to know if I get the Virtual PC with Windows 2000, if I
will be able to connect to my office VPN.

My office uses the following Windows based client

Checkpoint Next Generation Feature Pack 4 (NGFP4)

I want to know if I can run NGFP4 on VPC to connect to VPN.

If you can provide any information regarding the above, it will be
great.

Thanks a lot in advance,

Avinash

 

[KershMan]

Should be. I run virtually the same setup. I have VPC 6.1 and Checkpoint NG (not sure which feature pack). I can browse the company network, use Outlook, etc.

Only problem is it is slow. Real slow. But, I don't need it for much. I am at the point now that the only thing I really need it for is my time card. We use Deltek Electronic Time which does not have a Mac client either.

 

[grrr223]

Good News and Bad

Kershman, would you PLEASE?!? provide a few more details about your VPC/Checkpoint setup? I have made some progress getting it to work, but still have a few more hurdles to jump. I am trying to access our company's terminal server through the checkpoint firewall/vpn.

My setup:
RCA Cable Modem
Linksys WRT54G Wireless-G Broadband Router
Powerbook G4 15"
Virtual PC 6.1 running Windows XP w/ 384MB ram allocated
Checkpoint SecuRemote

All software (and firmware) is up to date.

I couldn't get Checkpoint to work under Shared Networking, so Virtual PC uses Virtual Switch Networking . The benefit of this is that VPC then gets its own IP address, however, it also means that I can't use wireless due to a bug.

Under Shared Networking, I was able to get the login window for the gateway to pop up, but then it would fail at "Exchanging keys with firewall."

Now that is set to Virtual Switch, I am now able to successfully tunnel the the gateway (the one real victory I've had in this process).

However, after successfully negotiating the connection with the gateway, I am unable to access the Terminal server. When I run a traceroute to the Terminal server, it times out at the gateway's IP address and never reaches the Terminal server.


On the Mac side,

Microsoft makes a Mac OS X native version of Remote Desktop Client which is actually pretty impressive in its performance. Unfortunatly, it obviously only works from within our firewall.

I have been unsuccessful using any Mac products to login with Checkpoint:

VPN Tracker lists Checkpoint on its list of compatible products, however, in the setup it tells you to turn off Checkpoint's authentication. HMMMMM, I know, this is a way to get through the security, let's TURN IT OFF, so that didn't work.

I was also unsuccesful with Vaporsec.

ANY suggestions would be GREATLY appreciated. Thank you.

Avinashmaddy, have you had any luck on this? Did you go with the powerbook? Enjoy!

 

[KershMan]

I am using 10.3.2, VPC 6.1 with Windows 2000. We use Checkpoint NG. I also use the same Linksys router.

Now, I have done nothing special to setup Checkpoint. Used to with Securemote you had to download the topology to make it work right. NG you do not have to do that.

If you are using SecuRemote, make sure you log in the first time with the login that has access to the network topology so it can download. Then you can login with your user account.

Next issue is you must make sure the network you run inside of your router, the Linksys, does not match the network in your office. If it does, you will be able to login in the firewall on the outside IP, but when the two networks merge everything gets confused and it doesn't work.

Take for instance, my office is a 192.168.1.0, 192.168.2.0, and 192.168.3.0 networks. Inside my router I run 192.168.50.0 to avoid conflicts.

Other than that, I am not sure what else I can tell you.

 

[grrr223]

THANK YOU!

I'll have to try it when I have a little more time.

Happy New Year!!!

 

[grrr223]

IT WORKS!!!

IT WORKS!!!

I don't know why or how, but I changed it back to Shared Networking and it just...Works.

I have no clue why it didn't work before, but if it had, there would essentially have been no setup and no headache, I don't get it, but frankly, I don't care anymore, IT WORKS!!!

It even works through the router, originally, I had been doing my testing with my laptop just plugged into the cable modem to eliminate that variable, WOW, this is great.


Sooo...to answer the original poster's question.

YES!!! you should be able to connect to your company's network using Checkpoint through Virtual PC.