• No results found

CHECK POINT MOBILE ACCESS VPN

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "CHECK POINT MOBILE ACCESS VPN"

Copied!
11
0
0

Loading.... (view fulltext now)

Download now ( 11 Page )

Full text

(1)

CCAS IT Services | Check Point Mobile Access VPN 1 |

CHECK POINT MOBILE ACCESS VPN

Updated 1/14/2014

SUMMARY

Mobile Access is an SSL VPN service by Check Point. A VPN allows remote access to internally hosted services and applications using a web browser. There is an 8 hour time limit when using Mobile Access. After the 8 hour time period has expired, the user must re-connect to the VPN service.

REQUIREMENTS

a. Personal Certificate File (PKCS format). This certificate is based on the domain user who requires the VPN access. Contact the Help Desk to obtain the certificate and specify the domain user account in the request.

b. Active Directory group permissions to access and use VPN services. Contact the Help Desk to request permission to use Mobile Access.

c. Internet Explorer is the preferred web browser to use with Check Point Mobile Access. However, other browsers are compatible such as Mozilla Firefox and Chrome. Support for other browsers is limited.

(2)

CCAS IT Services | Check Point Mobile Access VPN 2 | PRE-REQUIREMENTS

1. Add the URL for the Check Point Mobile Access service to the list of Trusted Sites.

a. Open Internet Explorer, click Tools  Internet Options b. Select Security

c. Select Trusted Sites, click Sites.

d. Type the URL https://access.lcred.net in the box provided, click Add. Click Close.

2. Install the Personal Certificate. See manual “Import Personal Certificate from a File”.

3. Configure Certificate-based credentials. This step must be done after completing Step #2.

a. Open the Control Panel  Credential Manager

b. Find the section, Certificate-Based credentials, click “Add a certificated-based credentials”.

c. In the Internet or network address box, type: access.lcred.net d. Click Select Certificate.

The list of installed Personal Certificates will appear. Select your certificate, click OK.

(3)

CCAS IT Services | Check Point Mobile Access VPN 3 | e. Review the information, click OK.

4. Remove any previously installed VPN software. This includes “Check Point EndPoint Connect Client”

or “Check Point Connectra SSL Extender”. Uninstall the software via the Control Panel.

a. Click Programs and Features (Windows XP: Add/Remove Programs). In the list of programs, find the VPN software, select it and click Uninstall or Remove. Follow the prompts. You may have to restart your computer after removing the VPN software.

(4)

CCAS IT Services | Check Point Mobile Access VPN 4 | INSTALLATION

1. Open Internet Explorer. Type in the URL in the address box provided:

https://access.lcred.net/sslvpn

Add the URL to the Favorites for easy access.

2. The Mobile Access login will appear. Select Certificate Sign In, click Sign In.

3. [OPTIONAL] – If all the Pre-Requirements were completed, this prompt will not appear.

Select your certificate from the list, click OK.

4. When accessing Mobile Access for the first time, it is necessary to click connect manually. To do so, click the Connect button. See Appendix A to modify the Mobile Access settings to allow automatic connect.

(5)

CCAS IT Services | Check Point Mobile Access VPN 5 | 5. The Check Point Deployment Agent will install. Click Trust Server.

6. The Check Point SSL Network Extender Service will install. This may take a few minutes. When

complete, a message will appear to confirm that you have reached the SSL Network Extender gateway.

Click OK.

7. Once connected to the VPN, the status window will show the virtual IP and the remaining time available. When finished using the VPN, click Disconnect.

(6)

CCAS IT Services | Check Point Mobile Access VPN 6 | APPENDIX A

SUMMARY

Follow the instructions below to configure Check Point Mobile Access to automatically connect after authenticating.

1. When connected to the Mobile Access VPN service, click Settings located in the Native Applications area.

2. In the section “When signing-in launch SSL Network Extender”, select Automatically, click OK.

(7)

CCAS IT Services | Check Point Mobile Access VPN 7 | APPENDIX B

SUMMARY

In some instances corruption of the Check Point SSL Network Extender Service may occur when using Internet Explorer. The service is a critical component of the Mobile Access application. When corruption occurs, users may experience connection issues when attempting to connect to the VPN. Users may see the following error message: “SSL Network Extender Server is down and could not be started”. To date, issues using Mobile Access only occur on 64-bit operating systems (Windows 7 and MacOS). Perform the following steps to resolve this issue. Use the workaround solution if in a time sensitive situation. The Issue Resolution is the preferred method.

WORKAROUND

Connect to Mobile Access using another web browser. (ie: Chrome or Firefox) The preferred alternative is to use Chrome because it utilizes Internet Explorers security certificate stores. To use Firefox as an alternative, you must install the personal certificate in Firefox. Contact the Help Desk to obtain instructions on how to do this.

RESOLUTION

1. Remove all instances of Check Point programs from the Control Panel  Programs & Features.

2. Reset Internet Explorer by performing the following steps:

o Open Internet Explorer  Internet Options o Select Advanced tab

o Click Reset.

(8)

CCAS IT Services | Check Point Mobile Access VPN 8 | 3. Click Reset. It IS NOT necessary to delete personal settings. Make sure Delete personal settings

remains UNCHECKED.

4. Restart the computer. This is mandatory. Attempt to connect to Mobile Access. You will be prompted to reinstall the Check Point components for Mobile Access again.

(9)

CCAS IT Services | Check Point Mobile Access VPN 9 | APPENDIX C

CHECK POINT MOBILE ACCESS | JAVA ISSUE

A new version of Java was released (Version 7 Updated 51) which introduces a new security feature. This new feature causes an issue with the Check Point Mobile Access VPN service. If you use this service, please read on. Some employees use this service to access SAP. If you do not use this service, please ignore this message.

If you are a Mobile Access VPN user, we kindly ask you to upgrade the version of Java installed on your computer to version 7 Update 51.

The latest version of Java can be downloaded using this link.

http://javadl.sun.com/webapps/download/AutoDL?BundleId=83383

After installing the latest version of Java, the following steps must be performed, otherwise an error will occur when trying to use Mobile Access.

1. Access the Control Panel  Java.

2. The Java Control Panel will appear. Click on the Security Tab, then click Edit Site List.

(10)

CCAS IT Services | Check Point Mobile Access VPN 10 | 3. The Exception Site List will appear, click Add.

4. Add the following URLs https://access.lcred.net

http://access.lcred.net – After adding this URL, a message will appear, click Continue

When both sites have been added, click OK.

5. Connect to the Mobile Access VPN service like normal.

If you need assistance with configuring the new version of Java or continue to have an issue accessing the Mobile Access VPN service, please contact the Help Desk at [email protected]

(11)

CCAS IT Services | Check Point Mobile Access VPN 11 | How to verify what version of Java is installed.

1. Access the Control Panel  Click Java.

2. In the General tab, click About.

References

Download now ( PDF - 11 Page - 293.61 KB )

Related documents

UK IT SECURITY EVALUATION AND CERTIFICATION SCHEME

This Certification Report states the outcome of the IT security evaluation of Check Point Software Technologies Limited’s VPN-1/FireWall-1 Version 4.1 with SP2 to the Sponsor,

Mobile Access Software Blade

Check Point Mobile Check Point Mobile VPN SSL VPN Portal Mobile Access Software Blade on a Check Point Gateway.. SSL VPN Portal From Any

The Why and How of Design-led Multidisciplinary Innovation Education: Context and Curriculum

RI capabilities are developed through a number of core programme principles that capitalise on: connected strategic projects with partner organisations, communities and networks;

Effects of business excellence drivers on firm performance in manufacturing industry

Table 6.9: Significant t-test results for percentage of 3 years or younger products in total sales trend in last 3 years and financial performance………....153 Table 6.10: Significant

Fisheries policy research in developing countries: issues, priorities and needs

There are sev- eral key challenges that must be faced to achieve food security for all people: widespread poverty and limited economic growth; low levels of humah

2011 07 Pharmacology Chemotherapy for Cancer

equivalence with cisplatin in equivalence with cisplatin in lung and ovarian cancers; lung and ovarian cancers; inferior in head and neck and inferior in head and neck and germ

Endpoint Security VPN for Mac

Endpoint Security VPN for Mac Release Notes E80.41 | 5 Remote Access Clients Comparison Feature Endpoint Security VPN for Windows Check Point Mobile for Windows

Pathology Week 16

• patients with congenital immune-deficiency syndrome 2. The donor of the component is a blood relative of the recipient. The donor is selected for HLA compatibility, by typing