Check Point VPN-1/FireWall-1

Endpoint Connect will not download Topology from the Security Gateway

AERAsec Network Services and Security GmbH

Platform:  Any Platform for Check Point VPN-1
Product: Check Point R70
Problem: R70 is configured correctly for use of Endpoint Connect. This client can connect since the Fingerprint is shown and accepted by the user. Then, an error message states that the Topology cannot be downloaded
Solution: There is a missing parameter in the basic configuration of R70. To solve this problem, take these steps: 

- Close SmartDashboard, if you have opened it
- On the Security Management, change to the directory $FWDIR/lib (Windows: %FWDIR%\lib)
- Backup the file vpn_table.def
- Edit the file vpn_table.def and search for the section beginning with 

 /* Slim Client gateway tables */

- Directly below this comment enter this line:

   ccc_sessions = dynamic expires 900 keep sync kbuf 1;

- Save the file vpn_table.def and exit the dditor
- Open SmartDashboard and install the policy again

Your problem should be solved now. 

No warranty at all, your Feedback is welcome!
© 2010-2011 AERAsec Network Services and Security GmbH, last change 2010-02-17
back to http://www.vpn-1.de/aerasec/