While reading the posts here I keep seeing mention of a “group” or “any” setting in Checkpoint that doesn’t require Checkpoint authentication. Also, in the How-to: Interoperability with Check Point VPN-1 GateWay manual [url]http://www.equinux.com/us/products/vpntracker/files/HowTo_CheckPoint_Rev_1.1.pdf[/url], it says:
“Please check the other user settings. Please use no ìauthentication schemeî and donít generate a certificate for the pre-shared key based connection.”
[b:64e5ec24b3]Are these the same thing? And how does this affect the security of the firewall? [/b:64e5ec24b3] What’s the point in even having the firewall if there is no authentication. Without authentication, can’t anyone who enters the gateway’s ip address at least download the network’s topology which would be a great starting point to attack it?
On a related note, while I have been unable to access my Checkpoint VPN using any mac native methods, I have been successful simply installing SecuRemote within Windows XP on Virtual PC and using Terminal Server that way, and the performance is actually rather impressive because all the work is being passed off on the Terminal Server and not being done in Virtual PC.
[b:64e5ec24b3]If I turn on my firewall in Panther, are there any specific ports I then need to open up to continue to use Checkpoint with Virtual PC?[/b:64e5ec24b3] I am using Shared Networking so Virtual PC is sharing Panther’s internet connection.
Thanks in advance.