[Openswan Users] Connecting to CheckPoint VPN
Noam Meltzer
tsnoam at gmail.com
Sun Feb 26 19:19:35 CET 2006
Hi Paul,
Thank you for the pointout. I will dig it out.
Best regards,
Noam Meltzer
On 2/26/06, Paul Wouters <paul at xelerance.com> wrote:
> On Sun, 26 Feb 2006, Noam Meltzer wrote:
>
> > Hi,
> > Did any one here succeeded connecting from Linux using openswan to a
> > checkpoint vpn?
> > If you did, or know how it can be achieved, can you please direct me
> > to a good howto for doing that?
> >
> > The server is:
> > Check Point VPN-1(TM) & FireWall-1 NGX (R60) - Build
> > The authentication method is using a username + a dynamic password
> > which I generate using a key holder ( then I manually type it to the
> > computer).
>
> Openswan does not support secureid type authentication. You might want
> to have a look at the opensclient project:
>
> http://opensclient.pbwiki.com/AboutProject
>
> OpenSClient is an effort to connect to CheckPoint VPN-1 & Firewall-1
> through a VPN tunnel in SecureClient mode using opensource software
> namely OpenSwan.
>
> Precisely speaking it's about implementing ChekPoint HybridAuthentication
> mode support in OpenSwan allowing for Username/Password (or two factor,
> like SecureID) authenticated VPNs among CP and Linux.
>
> You will need to patch openswan with:
>
> http://emsi.it.pl/auto/openswan-2.4.0-SecureClient.diff
>
> Since this patch breaks other functionality of Openswan, it is not part
> of the openswan code itself.
>
> Paul
>
More information about the Users
mailing list