release-notes by shrakdoc

VIEWS: 16 PAGES: 6

									VPN-1 NGX R65 HFA_02 L2TP Supplement
Release Notes


              Revised: April 27, 2008



                IMPORTANT
                Check Point recommends that customers remain up-to-date with the latest HFAs, as
                they contain security enhancements and protection against new and evolving attacks.




              Note - Before beginning the installation, read the latest available version of these release notes at:
              http://www.checkpoint.com/support/




              In This Document
              Introduction                                                                        page 2
              Resolved Issues                                                                     page 2
              Installation                                                                        page 2
              Uninstallation                                                                      page 2
              Configuration                                                                       page 3
              iPhone Usage                                                                        page 6




Copyright © 2008 Check Point Software Technologies, Ltd. All rights reserved                                       1
     Introduction
             This VPN-1 NGX Supplement extends Check Point VPN-1 support for the iPhone built-in VPN
             client.
             No additional software is needed on the iPhone side.
             This supplement is for releases R65.


     Resolved Issues
             This supplement provides the ability for Apple iPhone devices to securely connect to the
             enterprise. The Apple iPhone contains a VPN client: "L2TP", which uses an underlying tunneling
             protocol of the same name to create an IPsec encrypted tunnel. This enables a secure connection
             between the iPhone and Check Point VPN-1 gateway.


     Installation
             Before installing this supplement, make sure you have the latest applicable HFA installed. Consult
             with Check Point Technical Support.
             1.    Update VPN-1 with the supplement package.
             2.    Backup the following directories:
                   •    $FWDIR/bin
                   •    $FWDIR/lib
                   •    $FWDIR/boot/modules
             3.    Download the appropriate file for your operating system into a temporary folder:

             Table 1:      Files for VPN-1 NGX R65: Build 620486005

              OS           Name of File to Download
              Linux        VPN-1_R65_HFA_02_L2TP_Supplement.linux.tgz
              Solaris      VPN-1_R65_HFA_02_L2TP_Supplement.solaris.tgz
              Windows      VPN-1_R65_HFA_02_L2TP_Supplement.windows.tgz
              IPSO         VPN-1_R65_HFA_02_L2TP_Supplement.ipso.tgz


             4.    Extract and run the executable file.
             5.    Wait for the installation routine to execute the cpstop and cpstart commands. Make sure it
                   completes successfully (without errors) before continuing.
             6.    Install policies on applicable gateways.


     Uninstallation
             Before uninstalling this supplement, be aware that on Windows, uninstallation causes the latest
             HFA to be uninstalled as well. You can re-install the HFA after removing the supplement.
             To uninstall this supplement, run the uninstall script located under $FWDIR.
             If you encounter problems during the uninstall process, restore the backup that you created during
             installation process and then contact technical support for assistance.




VPN-1 NGX R65 HFA_02 L2TP Supplement Release Notes. Last Update — April 27, 2008                                2
     Configuration
             In This Section

                  Gateway Configuration                                               page 3
                  iPhone Configuration                                                page 5

             Gateway Configuration
             To configure the L2TP supplement on gateways:
             1.   Enable L2TP on the specific gateway: Gateway Properties > Remote Access




             2.   In the l2tp.conf file in $FWDIR/conf, enter the shared secret.
                  For more details about configuring L2TP clients, see the VPN Administrator Guide, Chapter 20:
                  Layer Two Tunneling PRotocol (L2TP) Clients.
             3.   L2TP requires Office Mode: Gateway Properties > Remote Access > Office Mode




VPN-1 NGX R65 HFA_02 L2TP Supplement Release Notes. Last Update — April 27, 2008                              3
                  For more details about configuring Office Mode, see the VPN Administrator Guide, Chapter 15:
                  Office Mode.




VPN-1 NGX R65 HFA_02 L2TP Supplement Release Notes. Last Update — April 27, 2008                             4
             iPhone Configuration
             To configure L2TP on the iPhone:
             1.   From your iPhone home screen, go to Settings > General > Network > VPN > Settings




             2.   Provide your VPN-1 server FQDN (DNS name) or IP address, your user name, and the global
                  shared secret.




VPN-1 NGX R65 HFA_02 L2TP Supplement Release Notes. Last Update — April 27, 2008                            5
     iPhone Usage
             1.   Go to Settings and turn the VPN switch to ON.




                  The Password screen appears.
             2.   Enter your password, or (if used) your RSA secureID one-time password.




VPN-1 NGX R65 HFA_02 L2TP Supplement Release Notes. Last Update — April 27, 2008           6

								
To top