Managing VPNs

Remote Access communities in VPN of My Organization are supported only in Office Mode. You can define Internal VPNs, include them in My Organization and exclude them.

  1. In SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., click Gateways & Servers and double-click the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources..

    The gateway window opens and shows the General Properties page.

  2. From the navigation tree, click VPN Clients > Office Mode.

  3. Select Perform Anti spoofing on Office Mode addresses.

  4. In Additional IP Addresses for Anti-Spoofing, select the applicable network object.

  5. Click OK.

  6. Publish the SmartConsole session.

  1. In SmartConsole, select Security Policies > Shared Policies > DLP and click Open DLP Policy in SmartDashboard.

    SmartDashboardClosed Legacy Check Point GUI client used to create and manage the security settings in versions R77.30 and lower. In versions R80.X and higher is still used to configure specific legacy settings. opens and shows the DLP tab.

  2. From the navigation tree, click My Organization.

  3. In the VPN section, make sure the All VPN traffic is selected.

  4. Click Save and then close SmartDashboard.

  5. In SmartConsole, click Install Policy.

  1. In SmartConsole, click Gateways & Servers, and find the VPN gateway that protects the DLP Gateway.

    For an integrated DLP configuration, this is the DLP Gateway itself. The protecting VPN gateway includes the IP address of the DLP Gateway in its encryption domain.

  2. Double-click the VPN gateway.

    The gateway window opens and shows the General Properties page.

  3. From the navigation tree, click IPSec VPN.

    The DLP Gateway is aware of the VPN communities that are shown in this page.

  1. In SmartConsole, select Security Policies > Shared Policies > DLP and click Open DLP Policy in SmartDashboard.

    SmartDashboard opens and shows the DLP tab.

  2. From the left tree, click My Organization.

  3. In the VPN section, click Exclusions.

    The VPN Communities window opens.

  4. Select the VPNs that you want to exclude from My Organization and click Add.

    Ignore the VPNs that are not relevant to the protecting VPN gateway; they are excluded by default.

  5. Click Save and then close SmartDashboard.

  6. In SmartConsole, click Install Policy.