[Openswan Users] Connecting to CheckPoint VPN
Paul Wouters
paul at xelerance.com
Sun Feb 26 18:02:58 CET 2006
On Sun, 26 Feb 2006, Noam Meltzer wrote:
> Hi,
> Did any one here succeeded connecting from Linux using openswan to a
> checkpoint vpn?
> If you did, or know how it can be achieved, can you please direct me
> to a good howto for doing that?
>
> The server is:
> Check Point VPN-1(TM) & FireWall-1 NGX (R60) - Build
> The authentication method is using a username + a dynamic password
> which I generate using a key holder ( then I manually type it to the
> computer).
Openswan does not support secureid type authentication. You might want
to have a look at the opensclient project:
http://opensclient.pbwiki.com/AboutProject
OpenSClient is an effort to connect to CheckPoint VPN-1 & Firewall-1
through a VPN tunnel in SecureClient mode using opensource software
namely OpenSwan.
Precisely speaking it's about implementing ChekPoint HybridAuthentication
mode support in OpenSwan allowing for Username/Password (or two factor,
like SecureID) authenticated VPNs among CP and Linux.
You will need to patch openswan with:
http://emsi.it.pl/auto/openswan-2.4.0-SecureClient.diff
Since this patch breaks other functionality of Openswan, it is not part
of the openswan code itself.
Paul
More information about the Users
mailing list