Checkpoint Vpn Server For 500 Users
May 3, 2012I want the vpn device for about 320 users
View 2 RepliesI want the vpn device for about 320 users
View 2 RepliesI run a webserver that has worked fine for a while. Recently, I've been getting calls from people who say that the page is no longer pulling up. There were several reported cases, but no specifics. Finally I talked to someone today.He said they changed their ISP to AT&T U-Verse and that's when the problem started. When trying to go to our webpage, his browser times out. He has tried in Firefox, IE and even on the iPad, so it seems to be a router and/or ISP problem.I thought it might be a DNS server problem, but I changed it to Google's public DNS server,
View 4 Replies View RelatedI run a small software development firm with around 15 network users. We currently have broadband DSL (only thing available in our area with decent up/down speeds - 2/20 respectively). We have 7 development (Win 2008/2012) servers and 4 sales people that tie up bandwidth with video conferencing/movies/music/etc..We aren't running a DHCP server (the modem/router handles DHCP) or exchange (we use gmail). We essentially have the broadband modem, a cradlepoint mbr1400 router as AP, and a 24 port unmanaged switch, a few wireless printers, and of course each employee has at least one other device connected via WIFI.
View 8 Replies View Relatedcan i print as am joint to a domain.
View 2 Replies View RelatedI am a networking student so have access to a free copy of Windows Server 2012. I want to setup and get experience with AD, DHCP, and DNS, among other services. Right now I have a Netgear router attached to a Cisco switch. (studying for CCENT cert) I have my desktop and server plugged into switch. I want my desktop to connect to the domain for testing and messing aroudn with. My wife has a netboook, smartphone, and wireless ipod. I'd like her 3 devices to get an IP from the DHCP server without having her authenticate to the server. Will the Netgear router allow this since wirless access is on? Or will she need to authenticate with the server to get a DHCP IP? I am gonig to disable the router's DHCP service.
View 3 Replies View RelatedThe server is running Microsoft Windows Server 2008 R2.The four other systems connecting to the server are running Microsoft Windows XP.Is it possible to have all four users connected at the same time remotely using a remote desktop client to the server? I'm using Teamviewer right now, but not sure if it will work with that.
View 3 Replies View RelatedSince the number of computers are expanding at my home, I want to reduce Wireless Connectivity and increase Ethernet connection between computers. I will be running a Server that supports 10 TB Storage.Will a Custom PC be better or should I use a NAS connected to a web server?
I currently use a Linksys WRT160n router that supports only 4 ethernet connections.Now I need at least 40 Ethernet connections. Will a Switch do? Also I will be running Asterisk to support Telephones.
My web server will not function globally. Only in LAN.And also, the web server will have a 250gb Wikipedia Dump that will deploy 10 times; and also a lot of video from KhanAcademy for knowledge base.I am looking for something powerful which will be quiet and have less downtime.I have checked out Newegg, eRacks, and many other websites. But I am confused with what to consider buying.
A Local Web Server or a custom built PC for 10tb hard drive suppoty.Router that can provide wired connection to about 40 users.A Terminal so I can monitor the bandwidth usage.
we are trying to configure the vpn with our provider we are on Asa and the use Checkpoint , vpn seem to be established on phase 1 and phase 2 too.bur when i send ping packets seem to los on tunnel and other side do not see them.Asa is after a onother firewall and outside interface of this asa is nated on this perimeter firewall.
View 5 Replies View RelatedI have set up a VPN tunnel using pre-shared keys between my ASA5505 and a Checkpoint firewall (another company).
I can initiate the tunnel from my side, but they cannot open it from their side. We get Phase2 failures.
The other company is saying:
"Your ASA is expecting my CheckPoint to negotiate the phase 2 timeouts in both seconds and kilobytes. Enabling kilobyte timeouts is not something that is currently realistically feasible on my side, so I ask that you disable/turn off kilobyte timeouts on your side"
However, I do not have a kilobyte timeout specified in the security association for the tunnel, only a seconds.
Is there a hidden default setting I have to turn off? If so, how do I do this?
I have a problem with a L2L VPN between ASA and Checkpoint R71 VPN I can ping it up to the network that is behind the checkpoint but they can not make me pin.
View 3 Replies View RelatedI've got a windows server 2003 running a big application (sage1000) but suddenly it seems that users cannot access the server by unc path.i've also test to access \server on the server itself doesen't work.
View 2 Replies View RelatedI've got an HP Microserver, running server 2008 R2 foundation, and I'm using it for file sharing. All files are in a single folder with subfolders, and located in drive C.
The problem is that the server limits the number of LAN connections to it to 31. I've already changed the max. number of connections to the maximum, but doesn't seem to work. Network discovery and file sharing are on, firewall is off, full access rights for everyone.
The error I get when trying to access the shared folder is: 'Microsoft Windows Network: No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept'
I have successfully set up a windows 2008 box as a Radius server and use it to authenticate VPN users against ta AD database.I have also set up a similar policy that permits authentication for management purposes to all my networking devices (routers,switches and the ASA).Both policies work fine.Of course I don't want every VPN user to have administrative access to the ASA and every other device on my network.How can I discriminate between the 2 groups (VPN users and Network administrators)
View 3 Replies View RelatedI am trying to get a simple IPSEC VPN between a Cisco 800 router and a CheckPoint firewall.The Phase 1 negotiation is working fine.
View 1 Replies View RelatedI have 5 static public IP addresses at my disposal. A checkpoint firewall with VPN access provides remote access for mobile users. How would I go about integrating the ASA 5505 SSL VPN into this network so some mobile users could continue using the checkpoint VPN client while others could have SSL VPN remote access? Attached is a graphic of the network.
View 2 Replies View Relatedwhat's required for the migration from Checkpoint R75-20 Splat install to the Cisco ASA firewall, links to documentation - step-by-step.
View 3 Replies View RelatedI have an ASA running 8.4(2) code.
I have been trying to get a VPN tunnel established between this device and a Checkpoint R70 firewall, but have been getting nowehere.
The settings are:
Encap: ESP
Encryption: AES256
Hash: SHA1
DH: Group 2 (1024)
Authentication: pre-share
lifetime: 1440 min / 4096000 KB
I can open the tunnel from the ASA to the Checkpoint, but the Checkpoint cannot open a tunnel with the ASA. It looked like the issue originally was the KB timout which was turned off on the Checkpoint side. They have since added that (4096000), but we are getting Phase2 failures.
How to create a tunnel between an ASA running 8.4(2) and a Checkpoint R70?
I am beginning to think that I have incompatible systems Is it a PFS issue? If so, how do I enable that in the policy section?
I am facing Tear down problem on cisco asa 5505.Users are always disconnecting 25-30 min from outside server. [code]
View 2 Replies View RelatedRunning EIGRP on network. Hub router connects to remote router via EIGRP and then I have 2 static routes getting traffic to the switch behind the checkpoint firewall(Edge-1 UTM). Some switches I can access while others I cannot.
View 1 Replies View RelatedI have Cisco 2960 switches deployed in my environment along with radius server authentication. Now i need to assign some roles to particular users (shutdown port, description) so what i need to do for this task so not all users have same privileges.
View 1 Replies View Relatedhow to configure ACS 5.2 for device administration of Checkpoint firewalls and security management servers?
View 4 Replies View RelatedWe are setting up a vpn between a cisco RV082 and a checkpoint device. From the Cisco device we have set up (as remote IP) the public IP 85.xxx.xxx.xxx but when we try to start the tunnel the VPN log (from RV082) report the error "INVALID_ID_INFORMATION" as described below.
Jun 11 11:38:41 2013 VPN Log (g2gips1) #894: sending encrypted notification INVALID_ID_INFORMATION to 85.xxx.xxx.xxx:500
Jun 11 11:38:41 2013 VPN Log (g2gips1) #894: we require peer to have ID '85.xxx.xxx.xxx', but peer declares '10.yy.yy.yyy'
[code]....
The IP 10.yy.yy.yyy. reported in the log is the natted ip of the Checkpoint device.
I am working on a project to migrate a single Checkpoint firewall over to a single ASA 5510, no VPN, just firewall. The checkpoint firewall has 8 physical interface so the ASA 5510 also support physical 8 interfaces so thiw will be a one-to-one swap. At the moment, I don't have an ASA 5510 to test my theory so I am going to throw it out here. The checkpoint firewall is a SPLAT running on an powerfull IBM Server with 8 CPU dual cores with 32GB of RAM and it has 1200 rules with over 120,000 objects with some of the crazy NATs but it works so we will just leave it at that. There are not that much traffics going across the firewall so there are no need to put in an ASA 5585
I use the cisco conversion tool to do the policy conversion from Checkpoint to Cisco, I get about 1.5 million lines in the configuration. A lot of it has to do with Checkpoint having no concept of interface security level while ASA does. I am sure I can optimize it to cut down the number of lines in the configuration; however, that is not my main concern at the moment. The customer goal is that at the time when cutover from Checkpoint to Cisco ASA, they want everything to be perfect, meaning that it will work like magic.
My question is that can the ASA 5510 handle 1.5 million lines of configuration? Are there any limitations on this? I know there are limitations with FWSM but since I don't have an 5510 to test.
We have 2 nexus 7010 switches configured with HSRP in the network. For all the vlans core1 is Master and Core2 is standby. In the current setup we have external dhcp server and dhcp relay is configured for all the vlans on Master and standby switch. The setup is running the IOS 5.2
Activity Done: During the Maintainacne activity, we isolated core1 switch in the network by disabling the vpc/keepalive and all the uplinks from access switch. The core2 switch was master for all the vlans.
Issue observed: It has been observed that new users were not getting ip address from the dhcp server. The ethereal capture showed that dhcp server was not getting the dhcp requests from the core2 switch. We disabled the dhcp feature in core2 and enabled again with dhcp relay again configured on vlan interfaces .even after doing this no change was observed in behaviour. Finally we got core1 back in network by enabling all the links.
Observation: The moment VPC link came up between the core switches, users started getting ip's from dhcp. Then we started enabling all the uplinks on core1.Core1 again become master for all the vlans and users continued getting ip’s. Network running fine.
Further Testing
1. For one of the vlan, core 2 switch has been made primary and for new users checked the dhcp functionality and it was working fine. The aim was to identify if anything wrong on core 2 related to dhcp relay
2.Again we changed the priority for this vlan and made core1 master for the same. This time we disabled this vlan on core1 and tried new user with core 2 became master and dhcp functionality worked fine for new user. Actually in this case we have simulated the same behaviour when we observed the issue with only difference of VPC was not available during the issue time as core 1 was isolated form network
Inputs needed.
Is there any known behaviour for dhcp functionality when VPC is unavailable? If we see the test scenario2 (wherein core1 was master for the vlan and we disable this vlan on core 1 and core 2 was able to relay dhcp requests for new users in this vlan.) it was actually same as scenario we observed during issue time..
I am trying to migrate checkpoint configs to ASA 5585 using SCT tool, this tool asking me to feed it *.W file from checkpoint which is suppose to be a rule definition file on CP, but I cant find it
View 14 Replies View RelatedIs it possible to assign IP addresses to remote site WIFI users from local DHCP server and forward all other traffic to 2504 WLC?
[WIFI Users] >--------<AP (DHCP server) >------ VPN ---------< WLC
I have a user ABC(Admin Account) and XYZ(limited user). For both of them i would like to have two different ip configuration. If ABC(Admin Account) logins he should have ip, gateway and dns1, dns2 and dns3. If XYZ(limited user) logins he should have ip, gateway and dns1 only.Is it possible to have above configuraions.
View 4 Replies View RelatedI have Synology DS213 directly connected to a SMC Comcast business cable modem. The IP address of the DS213 is 5.4.3.x. The cable modem is pushing out IP Address in the same range 5.4.3.x. The cable modem connects to a wireless router and switch. The users who use wireless and wired connections have a public IP Address 192.168.x.x
View 5 Replies View Relatedi have 2 ISP, each ISP is 20Mbps internet speed.. and i connect this 2 ISP to mikrotik router,so this network will have 20Mbps + 20Mbps line and this network have 150 users..any idea how to set the QoS? i don't want the user using p2p application will use the Full bandwidth then affect the others user become slow browsing and i want reserve some bandwidth for some user for gaming.
View 3 Replies View RelatedSome1 browse my PC via LogMeIn Hamachi, so i need 2 know who did that , how 2 see the log list?
View 1 Replies View RelatedI have a desktop pc, and a laptop both connected to wireless internet in a house with about 5 other computers getting internet off of the same wireless router.A while back I had figured out how to share my printer which is wired to my desktop, with my laptop but without sharing any files and figured i had done it.Today I had to figure out why the printer had stopped printing from the laptop and i noticed that in the network area of the explorer I could see my users files on the desktop from my laptop and vice versa. I have been trying everything that seems to be there to disable sharing these files, other then disconnecting from the internet.
On my desktop I can right click on the users folder and choose share>share with nobody. I did that.I also went into the advance sharing options on both devices and tried disabling everything but network discovery.From what I gather discovery is just letting me browse, and not actually showing me that things aren't available to share. So with everything else turned off, like file and printer sharing, all that other stuff, I can STILL see and move and use the files that I have "shared with nobody" even regardless of the fact that I have disabled printer and file sharing. Both machines are running Windows 7
How to check which users are using printer. so that i can see which user are using more printer.
View 2 Replies View RelatedI have a laptop running Windows 7 and it is on a wireless network.The trouble I am having is, the Administrator account can get on the internet with no problems, however, another user cant.It was originally just a "User" account, however, I changed it to Administrator to see if that would resolve the problem. it didn't.
View 4 Replies View Related