11-24-2008 07:37 AM
We are about to install the Check Point Endpoint Security client which has a VPN client option. Does anyone know if it is possible to use the Check Point VPN client to connect to a Cisco ASA?
Thanks
11-24-2008 09:38 AM
Hi,
I dont think it is possible to make Check Point VPN Client to work with ASA. And this has not been tested.
And even if you tweak some settings and make it work, it is not officially supported solution with ASA. So, TAC will not assist you with any kind of troubleshooting and caveats that you run into.
So, I would recommend that you look at the VPN Solutions on the ASA and go with that. For example, SSL VPN.
Regards,
Arul
*Pls rate if it helps*
11-24-2008 09:59 AM
"So, I would recommend that you look at the VPN Solutions on the ASA and go with that. For example, SSL VPN."
Why would you want to do that when you can also
terminate SSL VPN on the Checkpoint Firewall
itself? It is called SSL Extender.
11-24-2008 10:09 AM
Hi cisco24x7,
Good Point. "Does anyone know if it is possible to use the Check Point VPN client to connect to a Cisco ASA?"
The way I understood this question was, the original poster wanted a Remote Access VPN Solution to be terminated on the ASA, so ASA being the VPN Server. And that is why I recommended looking a RA Solution on ASA.
Did I miss anything?
Regards,
Arul
11-24-2008 10:22 AM
Thank you for your replies. I will try to explain myself a little better.
We currently have a remote access VPN solution with a Cisco ASA 5520, Cisco VPN clients and Check Point Integrity firewall client.
Since the new version of the Check Point client (Check Point Endpoint Security) has a built-in VPN client, I was wondering if we could use that instead of the Cisco VPN client. Just to have a cleaner setup with only one client.
I just wanted to know if anyone had tried something like that.
Thanks,
Mads Gildberg
11-24-2008 10:49 AM
Now that I understand your situation better,
I can only offer this addvice:
the configuration you're using is NEITHER
support by Checkpoint or Cisco. When something
goes wrong, Cisco will tell you to uninstall
the Checkpoint Integrity Client. The same goes
for Checkpoint. Therefore, do this at your
own risk.
11-24-2008 10:53 AM
Mads,
I agree with cisco24x7. It is always better to go with a solution that is officially supported by Cisco or Checkpoint, specifically when you are installing an application on an OS.
Regards,
Arul
11-25-2008 02:23 AM
Thank you both for your help.
We will continue to use the Cisco VPN client for VPN connections to the Cisco ASA, and only use the Check Point client firewall.
Thanks,
Mads Gildberg
11-25-2008 07:11 AM
awarded 2 points
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide