Check Point VPN-1 / FireWall-1 on AIX: A Cookbook for Stand-Alone and High Availability Solutions

326 Check Point VPN-1/FireWall-1 on AIX: A Cookbook for Stand-Alone and High Availability Solutions

5.4 SecuRemote client configuration

To use SecuRemote for encrypting traffic to our Encryption Domain, we need

to define a site. To bring up the SecuRemote panel, go to the Window Start

menu, select Programs > SecuRemote. This should start the SecuRemote

daemon; to view the site’s panel, you will need to double-click the

SecuRemote icon on the Task Bar.

You now need to select Sites > Make New. The name for the site is the name

of the VPN-1/Firewall-1 module where the Encryption Domain is defined. You

now need to add in the name of the site and its IP address; we used cpfw for

the name and 192.167.1.3 (the external cluster address) for the IP address.

Click OK; this should fetch data from the site.

If the site definition is successful, you will be reminded to verify that the

information in the site panel is correct. This is to confirm that you have indeed

communicated with the site and not with an imposter. For FWZ, which is what

we used, the IP address and Key ID should be verified, then click OK.Atthis

point, you should see the new site icon, as shown in Figure 129.

Figure 129. VPN-1/Firewall-1 SecuRemote panel

Chapter 5. Implementing High Availability with VPNs 327

You should now be able to test an encrypted session. In our rules, we allowed

for encrypted Telnet and FTP sessions to go to the Web server, so this is

what we tested. When we attempted a telnet, we got an authentication panel

like Figure 130. We filled in our User name and password, as was defined on

the VPN-1/Firewall-1 Module, and then clicked OK.

Figure 130. SecuRemote User Authentication panel

If everything was configured correctly, you should see a panel similar to

Figure 131 on page 328, which shows that the authentication was successful.

We were then able to login successfully.

328 Check Point VPN-1/FireWall-1 on AIX: A Cookbook for Stand-Alone and High Availability Solutions

Figure 131. SecuRemote successful User Authentication

Get Check Point VPN-1 / FireWall-1 on AIX: A Cookbook for Stand-Alone and High Availability Solutions now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Check Point VPN-1 / FireWall-1 on AIX: A Cookbook for Stand-Alone and High Availability Solutions by Axel Buecker, Rob Middleton, Rahul Patel, Anthony Michalakopoulos