Checkpoint VPN Secure Remote Client working through ISA 2004?

Posted on 2009-02-13
Last Modified: 2013-11-16

We have a SBS 2003 network with ISA 2004 installed. We have received some new software that needs to establish a VPN connection to an external network.

The VPN client is Checkpoint VPN 1 Secure Remote and needs to be installed on a couple of machines in the internal network. We are having some difficulty in getting the VPN to connect. We have contacted the software vendors however they are not very helpful just saying we should uninstall ISA, however this is not very practical.

If anyone can shed any light on getting this checkpoint VPN client to connect from our internal network to the remote site via the ISA server that would be great.

Question by:ca99uk
    LVL 18

    Expert Comment

    I can understand the request to uninstall ISA hehe, it does tend to mess about with all VPN clients.

    I would run a test to connect via secure remote while watching the firewall logs on the ISA box.  Look for any drops or errors, and then create rules to allow that traffic.

    If it is getting through the ISA server, double check that you're upstream router/firewall is not blocking the traffic.

    Basically, secure remote will negotiate a full VPN with the end point using IKE and IPSec, if both of these are allowed through your firewall/server, and of course the return traffic is allowed too, then it all should work fine.

    Double check the logs on the ISA to see what it says with regards the VPN traffic and let us know what you find.

    Author Comment

    Hi Deimark,

    thanks for the suggestion. We were going to look at that as a type of last resort :)

    I am wondering if anyone has setup the checkpoint vpn client working with the ISA server?
    LVL 18

    Accepted Solution

    If you setup SecureClient to use Visitor Mode it will use port 443 for the vpn tunnel (https). When using Office Mode you can also specify that it shold use your default (internet explorer) proxy settings for connecting through the proxy server.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Suggested Solutions

    In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now