Can Check Point VPN client be used to connect to Cisco ASA?

Unanswered Question
Nov 24th, 2008

We are about to install the Check Point Endpoint Security client which has a VPN client option. Does anyone know if it is possible to use the Check Point VPN client to connect to a Cisco ASA?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (1 ratings)
Loading.
ajagadee Mon, 11/24/2008 - 09:38

Hi,

I dont think it is possible to make Check Point VPN Client to work with ASA. And this has not been tested.

And even if you tweak some settings and make it work, it is not officially supported solution with ASA. So, TAC will not assist you with any kind of troubleshooting and caveats that you run into.

So, I would recommend that you look at the VPN Solutions on the ASA and go with that. For example, SSL VPN.

Regards,

Arul

*Pls rate if it helps*

cisco24x7 Mon, 11/24/2008 - 09:59

"So, I would recommend that you look at the VPN Solutions on the ASA and go with that. For example, SSL VPN."

Why would you want to do that when you can also

terminate SSL VPN on the Checkpoint Firewall

itself? It is called SSL Extender.

ajagadee Mon, 11/24/2008 - 10:09

Hi cisco24x7,

Good Point. "Does anyone know if it is possible to use the Check Point VPN client to connect to a Cisco ASA?"

The way I understood this question was, the original poster wanted a Remote Access VPN Solution to be terminated on the ASA, so ASA being the VPN Server. And that is why I recommended looking a RA Solution on ASA.

Did I miss anything?

Regards,

Arul

mgildberg Mon, 11/24/2008 - 10:22

Thank you for your replies. I will try to explain myself a little better.

We currently have a remote access VPN solution with a Cisco ASA 5520, Cisco VPN clients and Check Point Integrity firewall client.

Since the new version of the Check Point client (Check Point Endpoint Security) has a built-in VPN client, I was wondering if we could use that instead of the Cisco VPN client. Just to have a cleaner setup with only one client.

I just wanted to know if anyone had tried something like that.

Thanks,

Mads Gildberg

cisco24x7 Mon, 11/24/2008 - 10:49

Now that I understand your situation better,

I can only offer this addvice:

the configuration you're using is NEITHER

support by Checkpoint or Cisco. When something

goes wrong, Cisco will tell you to uninstall

the Checkpoint Integrity Client. The same goes

for Checkpoint. Therefore, do this at your

own risk.

ajagadee Mon, 11/24/2008 - 10:53

Mads,

I agree with cisco24x7. It is always better to go with a solution that is officially supported by Cisco or Checkpoint, specifically when you are installing an application on an OS.

Regards,

Arul

mgildberg Tue, 11/25/2008 - 02:23

Thank you both for your help.

We will continue to use the Cisco VPN client for VPN connections to the Cisco ASA, and only use the Check Point client firewall.

Thanks,

Mads Gildberg

Actions

This Discussion