We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Checkpoint VPN Secure Remote Client working through ISA 2004?

ca99uk
ca99uk asked
on
Medium Priority
789 Views
Last Modified: 2013-11-16
Hello,

We have a SBS 2003 network with ISA 2004 installed. We have received some new software that needs to establish a VPN connection to an external network.

The VPN client is Checkpoint VPN 1 Secure Remote and needs to be installed on a couple of machines in the internal network. We are having some difficulty in getting the VPN to connect. We have contacted the software vendors however they are not very helpful just saying we should uninstall ISA, however this is not very practical.

If anyone can shed any light on getting this checkpoint VPN client to connect from our internal network to the remote site via the ISA server that would be great.

Thanks.
Comment
Watch Question

CERTIFIED EXPERT

Commented:
I can understand the request to uninstall ISA hehe, it does tend to mess about with all VPN clients.

I would run a test to connect via secure remote while watching the firewall logs on the ISA box.  Look for any drops or errors, and then create rules to allow that traffic.

If it is getting through the ISA server, double check that you're upstream router/firewall is not blocking the traffic.

Basically, secure remote will negotiate a full VPN with the end point using IKE and IPSec, if both of these are allowed through your firewall/server, and of course the return traffic is allowed too, then it all should work fine.

Double check the logs on the ISA to see what it says with regards the VPN traffic and let us know what you find.

Author

Commented:
Hi Deimark,

thanks for the suggestion. We were going to look at that as a type of last resort :)

I am wondering if anyone has setup the checkpoint vpn client working with the ISA server?
Top Expert 2008
Commented:
If you setup SecureClient to use Visitor Mode it will use port 443 for the vpn tunnel (https). When using Office Mode you can also specify that it shold use your default (internet explorer) proxy settings for connecting through the proxy server.
Lars

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.