Can Check Point VPN client be used to connect to Cisco ASA?

Unanswered Question
Nov 24th, 2008
User Badges:

We are about to install the Check Point Endpoint Security client which has a VPN client option. Does anyone know if it is possible to use the Check Point VPN client to connect to a Cisco ASA?


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (1 ratings)
Loading.
ajagadee Mon, 11/24/2008 - 09:38
User Badges:
  • Cisco Employee,

Hi,


I dont think it is possible to make Check Point VPN Client to work with ASA. And this has not been tested.


And even if you tweak some settings and make it work, it is not officially supported solution with ASA. So, TAC will not assist you with any kind of troubleshooting and caveats that you run into.


So, I would recommend that you look at the VPN Solutions on the ASA and go with that. For example, SSL VPN.


Regards,

Arul


*Pls rate if it helps*

cisco24x7 Mon, 11/24/2008 - 09:59
User Badges:
  • Silver, 250 points or more

"So, I would recommend that you look at the VPN Solutions on the ASA and go with that. For example, SSL VPN."


Why would you want to do that when you can also

terminate SSL VPN on the Checkpoint Firewall

itself? It is called SSL Extender.

ajagadee Mon, 11/24/2008 - 10:09
User Badges:
  • Cisco Employee,

Hi cisco24x7,


Good Point. "Does anyone know if it is possible to use the Check Point VPN client to connect to a Cisco ASA?"


The way I understood this question was, the original poster wanted a Remote Access VPN Solution to be terminated on the ASA, so ASA being the VPN Server. And that is why I recommended looking a RA Solution on ASA.


Did I miss anything?


Regards,

Arul



mgildberg Mon, 11/24/2008 - 10:22
User Badges:

Thank you for your replies. I will try to explain myself a little better.


We currently have a remote access VPN solution with a Cisco ASA 5520, Cisco VPN clients and Check Point Integrity firewall client.


Since the new version of the Check Point client (Check Point Endpoint Security) has a built-in VPN client, I was wondering if we could use that instead of the Cisco VPN client. Just to have a cleaner setup with only one client.


I just wanted to know if anyone had tried something like that.


Thanks,

Mads Gildberg


cisco24x7 Mon, 11/24/2008 - 10:49
User Badges:
  • Silver, 250 points or more

Now that I understand your situation better,

I can only offer this addvice:


the configuration you're using is NEITHER

support by Checkpoint or Cisco. When something

goes wrong, Cisco will tell you to uninstall

the Checkpoint Integrity Client. The same goes

for Checkpoint. Therefore, do this at your

own risk.

ajagadee Mon, 11/24/2008 - 10:53
User Badges:
  • Cisco Employee,

Mads,


I agree with cisco24x7. It is always better to go with a solution that is officially supported by Cisco or Checkpoint, specifically when you are installing an application on an OS.


Regards,

Arul

mgildberg Tue, 11/25/2008 - 02:23
User Badges:

Thank you both for your help.


We will continue to use the Cisco VPN client for VPN connections to the Cisco ASA, and only use the Check Point client firewall.


Thanks,

Mads Gildberg

Actions

This Discussion