[Openswan Users] Connecting to CheckPoint VPN

Noam Meltzer tsnoam at gmail.com
Sun Feb 26 19:19:35 CET 2006


Hi Paul,
Thank you for the pointout. I will dig it out.

Best regards,
Noam Meltzer

On 2/26/06, Paul Wouters <paul at xelerance.com> wrote:
> On Sun, 26 Feb 2006, Noam Meltzer wrote:
>
> > Hi,
> > Did any one here succeeded connecting from Linux using openswan to a
> > checkpoint vpn?
> > If you did, or know how it can be achieved, can you please direct me
> > to a good howto for doing that?
> >
> > The server is:
> >      Check Point VPN-1(TM) & FireWall-1  NGX (R60) - Build
> > The authentication method is using a username + a dynamic password
> > which I generate using a key holder ( then I manually type it to the
> > computer).
>
> Openswan does not support secureid type authentication. You might want
> to have a look at the opensclient project:
>
> http://opensclient.pbwiki.com/AboutProject
>
>   OpenSClient is an effort to connect to CheckPoint VPN-1 & Firewall-1
>   through a VPN tunnel in SecureClient mode using opensource software
>   namely OpenSwan.
>
>   Precisely speaking it's about implementing ChekPoint HybridAuthentication
>   mode support in OpenSwan allowing for Username/Password (or two factor,
>   like SecureID) authenticated VPNs among CP and Linux.
>
> You will need to patch openswan with:
>
>          http://emsi.it.pl/auto/openswan-2.4.0-SecureClient.diff
>
> Since this patch breaks other functionality of Openswan, it is not part
> of the openswan code itself.
>
> Paul
>


More information about the Users mailing list