[vpn] Looking for client that works with Netscreen and Checkpoint

Jose Muniz jmuniz at loudcloud.com
Sun Oct 7 13:10:47 EDT 2001


You are actually quite right,. Once you start to see several proxy IP's that
is
several subnets behind your gateway then you be in trouble.
If you have a VRRP HA Checkpoint then things will brake, as IKE negotiations

happen against the interface IP and not the VRRP IP/.
In a situation like this, if you think about it will be more cost effective
to get
rid of the Checkpoints and stick with Netscreens all the way.
I heard folks react quite interesting when you say that.. "replace them"...
If you do the analysis, then you will realize that by doing that "replacing"

you will be saving money.
As you can see the administration time will be lower, you will have a more
solid
solution, and the recovery time in case of disaster recovery will be a
fraction of the
time that will take the recovery of the Checkpoint.
Stick to the good stuff... [NS]  Get rid of the problems... [ChPoints]

Jose.

"Paige, Randall" wrote:

> Checkpoint is going to be an issue.  I do not know
> of anyone using a non-vpn client with a Checkpoint FW.
> I am told it can be done but with great limitations.
> Checkpoint has always added proprietary features to it's remote
> access feature.
>
> -----Original Message-----
> From: Jose Muniz [mailto:jmuniz at loudcloud.com]
> Sent: Tuesday, October 02, 2001 8:49 PM
> To: Ben Keepper
> Cc: vpn at securityfocus.com
> Subject: Re: [vpn] Looking for client that works with Netscreen and
> Checkpoint
>
> Try the F-Secure Client..
> http://www.f-secure.com
>
> Jose.
>
> Ben Keepper wrote:
>
> > I apologize for not doing my research first, but I am in a hurry.
> > Looking for a client (PGPnet, Safenet, SecureClient/Remote) that works
> > with both Netscreen and Checkpoint firewalls.
> >
> > Not looking for their marketing (our implementation uses standards)
> > blah-blah, but somebody really doing it in a production environment.
> >
> > Has anybody done this with Win2K IPSEC?
> >
> > If somebody knows of one, can you point me at the documentation?
> >
> > TIA,
> >
> > Ben Keepper
> >
> > VPN is sponsored by SecurityFocus.com
>
> VPN is sponsored by SecurityFocus.com


VPN is sponsored by SecurityFocus.com





More information about the VPN mailing list