[RideRed250]

I am trying to use the Checkpoint VPN "client" that is in the dropdown list on the VPN Settings page. I am able to connect to my firewall using a pre-shared key, but I cannot communicate with any hosts on the internal network.

Under advanced settings, there are fields for Private IP as well as Subnet. I have tried different combinations of IPs and subnets that match my network, as well as trying to leave the Advanced fields blank. Still no luck communicating.

I know this is pretty obscure, but I'm hoping there is SOMEONE who has successfully connected to their home or work networks using this client selection.

Thanks,
David

[hamsterwheel]

Someone able to help this person out, please?

[RideRed250]

Yes I would love some help on this. Thanks in advance.

Posted via CB10

[dehdude]

This would be using mobile access blade I suppose. Your administrator would need to tell you where the packets are going after they reach the firewall. Are they dropped, or not encrypted for return traffic. Its difficult to troubleshoot without firewall view. Can you post a screenshot of your VPN settings on the BB. What is the OS of the CP gateway Gaia or ipso etc.

[MobileMadness002]

This would be using mobile access blade I suppose. Your administrator would need to tell you where the packets are going after they reach the firewall. Are they dropped, or not encrypted for return traffic. Its difficult to troubleshoot without firewall view. Can you post a screenshot of your VPN settings on the BB. What is the OS of the CP gateway Gaia or ipso etc.

The BB is working as designed by the sounds of it.

[Insync]

Did this get solved? I have same issue.

Posted via CB10

[dehdude]

Pm me.

[RideRed250]

This would be using mobile access blade I suppose. Your administrator would need to tell you where the packets are going after they reach the firewall. Are they dropped, or not encrypted for return traffic. Its difficult to troubleshoot without firewall view. Can you post a screenshot of your VPN settings on the BB. What is the OS of the CP gateway Gaia or ipso etc.

This is a Safe@Office 1000N appliance. It is a Checkpoint SOHO firewall with an embedded NGX platform, version 8.2.55 installed. I am able to see successful IKE Phase 1 and Phase 2 negotiations in the firewall Event Logs. In addition, on the BB, I see a successful connection.

My problem is, I am not sure how to define the parameters in the Checkpoint client embedded in the BB VPN client.

[tobbec]

Have exactly the same issue on a Check Point UTM-1 Edge series Gateway running also this embedded NGX Platform but with a later version 8.2.64. I also see a successfully established ipsec tunnel. But I cannot access any IP address behind the gateway through the tunnel.

The only thing that's working is accessing the gateway by it's public IP address also through the tunnel. But any private IP does not work at all. these access attempts are even not visible on the Check Point gateway. So I would say the Blackberry does not correctly route those packets into the tunnel.

[DOGMA1138]

I have the exact opposite problem when the VPN is connected i can access the internal network but nothing else. The Checkpoint FW only allows access to internal resources no full routing iOS works, Android works, BB bleh...

[dehdude]

I'm very sorry guys I no longer have access to a bb I gave it to my gf. I have one of these edges I can test with but no bb for the moment. I can tell you that they are limited for debugging purposes due to limited cli. If you review the event logs is the bb also connected? Are there any recorded drops in security logs? (I assume these are locally managed meaning no dedicated management) You may require edge debug firmware to get a better idea of the issue. For those not on 8.2.64 it's strongly suggested.

[RideRed250]

When I connect from a public network (Verizon LTE, 3G, etc, I get through phase 1 and phase 2, and the tunnel shows up in the list of tunnels. But, even using a CLI Packet capture doesn't show any activity (pings, telnet, Remote Desktop, etc.)

When I am connected to a wifi hotspot with private IP Addressing, VPN Connectivity works like a champ.

What I can't do is come up with a combination of settings in the Checkpoint client that works across public networks. It does seem like the client has no clue how to route the packets.

Posted via CB10

[DOGMA1138]

Hi a temporary measure but if you have the mobile blade installed on your gateway you can use Capsule Workspaces.
The Capsule VPN doesn't work since the Android VPN API is not enabled in the Android Runtime for OS10 but I'm currently working to hack it similarly to how the Google Play Services hack works for the store and youtube applications.

[Fajar Nurrahman]

Been years..by any chance can checkpoint vpn works in bb os 10 now?