Check Point UTM-1 Edge User Manual page 489

To create a Remote Access VPN with two VPN sites
1. On the remote user VPN site's UTM-1 appliance, add the office Remote
Access VPN Server as a Remote Access VPN site.
See Adding and Editing VPN Sites on page Error! Bookmark not defined..
The remote user's UTM-1 appliance will act as a Remote Access VPN Client.
2. On the office VPN site's UTM-1 appliance, enable a Remote Access VPN
Server.
See Setting Up Your UTM-1 Appliance as a VPN Server on page 476.
Internal VPN Server
You can use your UTM-1 appliance as an internal VPN Server, for enhanced wired and
wireless security. When an internal VPN Server is enabled, internal network PCs and
PDAs with the appropriate software installed can establish a Remote Access VPN session
to the gateway. This means that connections from internal network users to the gateway
can be encrypted and authenticated.
The benefits of using an internal VPN Server are two-fold:
•
Accessibility
Using SecuRemote/SecureClient or L2TP, you can enjoy a secure connection from
anywhere—in your wireless network or on the road—without changing any settings.
The standard is completely transparent and allows you to access company resources
the same way, whether you are sitting at your desk or anywhere else.
•
Security
Many of today's attacks are increasingly introduced from inside the network. Internal
security threats cause outages, downtime, and lost revenue. Wired networks that deal
with highly sensitive information—especially networks in public places, such as
classrooms—are vulnerable to users trying to hack the internal network.
Using an internal VPN Server, along with a strict security policy for non-VPN users,
can enhance security both for wired networks and for wireless networks, which are
particularly vulnerable to security breaches.
For information on setting up your UTM-1 appliance as an internal VPN Server, see
Configuring the Internal VPN Server on page 480.
Chapter 16: Working with VPNs
Overview
475