Remote Access VPN – Beginner’s Guide

Author: Gregg Sietsema

Table of Contents
Remote Access VPN – Beginner’s Guide ........................................................................................... 1
Introduction ..................................................................................................................................... 2
Configuring VPN ............................................................................................................................... 3
References...................................................................................................................................... 12

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 1

Check Point for Beginners – CP4B – Series
Introduction
This document provides step by step instructions for setting up a Remote Access VPN
with Check Point R80.x. Some prior experience with setting up Check Point environment
is assumed, and also basic understanding of IPSec VPNs principles.

Our objective is to enable a Layer 3 Remote Access solution using a VPN agent
installed on a Desktop/Laptop (Endpoint Security VPN for Mac/PC, Check Point Mobile
for Windows, or SecuRemote).

To assign different levels of access in active directory, an HR and an Engineering group

have been created.

Depending on the group a user is a member of they will be given different access into
the environment.

Note: Client-side settings are not covered.

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 2

Check Point for Beginners – CP4B – Series
Configuring VPN
1. Enable Mobile Access Blade to start Mobile Access Configuration Wizard

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 3

Check Point for Beginners – CP4B – Series
2. Unselect all options except for Desktops/Laptops (we are only going to configure the
VPN for these endpoints)

3. If your domain is not already listed, select Create new domain and add the required
domain information and click connect.

4. Select Finish

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 4

Check Point for Beginners – CP4B – Series
5. Add gateway to RemoteAccess VPN Community if not already a participant.

6. Enable Desktop/Laptop VPN Clients

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 5

Check Point for Beginners – CP4B – Series
7. Enable Identity Awareness

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 6

Check Point for Beginners – CP4B – Series
8. Then select terminal servers

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 7

Check Point for Beginners – CP4B – Series
9. Select “I do not wish to configure an Active Directory at this time.”

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 8

Check Point for Beginners – CP4B – Series
10. Click on Finish and then go into Identity Awareness and uncheck Terminal Servers
and confirm Remote Access is checked. The reason for this step is to enable
identity awareness for Remote Access so we can apply policy to users based on
their AD group.

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 9

Check Point for Beginners – CP4B – Series
11. Create an Access Role for both HR and Engineering. From the object tree select
New > More > User > Access Role. In the Users section, add the AD Security group
that the users of this group are members of.

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 10

Check Point for Beginners – CP4B – Series
12. Create access rule allowing Engineering group to allowed destination and HR group
to their allowed destination with RemoteAccess in the VPN Community column and
Install Policy.

13. Install VPN agent and configure required settings using the wizard.

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 11

Check Point for Beginners – CP4B – Series
References
sk67820 - Check Point Remote Access Solutions
sk117536 - Endpoint Security Homepage

©2019 Check Point Software Technologies Ltd. All rights reserved | P. 12

Check Point for Beginners – CP4B – Series