Check Point offers two clients as part of its IPSEC VPN solution: SecureClient and SecureRemote.  This document describes the configuration of the Check Point SecureClient. 

The Site Wizard leverages user authentication to help in configuring a new Check Point Site.  Make sure that the user name that you use in the Site Wizard exists within Active Directory and that this same user exists within DualShield with the same user name.  In addition, the user must have an active OTP token or GridID card associated with their account.  See the DualShield Administration Guide for more details on importing users from AD and assigning OTP tokens to users.

  1. Start the Check Point SecureClient, select the Sites menu option and then Create New.  If no Sites are defined, you will be asked if you want to create a new site.  Click "Yes".



  2. Enter the IP address of the Check Point NG/NGX server that this client will be connecting to.



  3. Choose the Authentication Method to be used.  Choose Challenge Response if you will use tokens/cards that supports challenge and response, such as QuickID, MobileID and GridID. Or choose User name and Password if you want to use Password + OTP only. In our example, we choose Challenge Response.



  4. Enter your User Name.  Since the RADIUS server has been configured to authenticate users against Active Directory, this will essentially be your Active Directory or Windows user ID.



  5. Choose your connectivity settings option.  In most deployments, the Standard option will suffice.



  6. Check Point SecureClient has all the information needed to attempt a connection with the new site being configured.



  7. The Site Configuration Wizard requires that the user authenticate. First, it will prompt the user to enter his/her password. This is the user’s AD password or Deepnet StaticPass.



  8. Next, it will prompt the Challenge Code or Message and ask the user to enter the Response Code. The content and format of the Challenge Code varies according to authentication methods and the type of the token used.
    Authentication Method: Static Password >> One-Time Password
                Token                  Challenge Code
                T-Pass                Please enter your OTP
                SafeID                 Please enter your OTP
                MobileID              Please enter your OTP
                GridID                  Please enter your OTP

    Authentication Method: Static Password >> Challenge/Response
                Token                  Challenge Code
                MobileID               numeric code, such as 562822
                GridID                   coordinates, such as M1 B6 T8 C3



  9. Upon a successful authentication, the Site Wizard indicates that the site was created successfully. Click the "Finish" to save the Site data and close the wizard.
  • No labels