![]() current customer R80.40 (+HFA) distributed setup recently upgraded from all-in-one R77.30 (_HFA).Is anyone from Check Point able to answer / confirm the above? So how come EndPoint Security VPN Clients are unable to connect to the gateway when Visitor mode is disabled and an explicit HTTPS rule is implemented in the access policy? Interestingly, sk159372 also advises to avoid visitor mode if there is no need for it. ![]() ![]() I understand the requirement for visitor mode (sk159372 explains this perfectly). The observed behaviour suggests there is a service which is enabled when visitor mode is enabled which answers requests from the Endpoint Security VPN clients (or possibly this is additional function of visitor mode?). However, when turning visitor mode off, and then having an explicit HTTPS rule in the access policy the client is no longer able to connect or create a site / establish VPN. The clients can configure sites and establish phase 1 / 2 normally. In my environment we have moved the portal to a different port, when visitor mode is on (running on port 443), the "enable_tcpt" implied rule is implemented (this isn't configurable via the normal implied rule area, sk119497 explains this). Has anyone confirmed that RA VPN clients (EndPoint Security VPN) can connect when visitor mode is disabled (providing an explicit HTTPS rule is added to the policy)?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |