Unable to connect to FW-1 Dashboard with External IP address

Posted on 2009-04-03
Last Modified: 2013-11-16
I need to remote into FW-1 Dashboard.  Currently I am not able to connect with the external IP address.  Nor can I ssh/https.   Whenever I cpstop/cprestart, I notice a error "VPN-FW-1 stop, Fail to reset VPN-1".  This particular customer has NG FW-1 R55 with Encryption Module for VPN.  I wanted to help them setup a VPN Remote Access for end users.  Any suggestions?
Question by:hotrod_952
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3

Assisted Solution

Multipath earned 20 total points
ID: 24065804
Do a cplic print and make sure the vpn module is there.  I think your issue is the VPN not coming up which could be due to many things like ip address not matching license or not being licensed.

Author Comment

ID: 24073953
This particular customer is license for CPFW-ENC-U-NG  which allows you to upgrade to VPN-1 module.  Also, I've verified that the external IP address is licensed.  

Expert Comment

ID: 24074050
Are there in messages in the message file when you try to start it?  I am not sure what platform you are on.
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.


Accepted Solution

hotrod_952 earned 0 total points
ID: 24090208
I called Checkpoint User Center and they mention that this particular license is for gateway encryption.  In order for them to have VPN capabilities they must purchase additional licenses.  This explains why after I create the remote access VPN they gateway was accessible from secure remote.

Author Comment

ID: 24090222

Expert Comment

ID: 24093291
As I commented in the first reply

"Do a cplic print and make sure the vpn module is there.  I think your issue is the VPN not coming up which could be due to many things like ip address not matching license or not being licensed."

As this was the problem should I not be given the points?

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question