000024174 - Check Point VPN Clients Discovering as Enforcement Points

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000024174
Applies ToenVision

Check Point VPN clients report alerts through the management console to enVision? and are discovered as Check Point enforcement points

ResolutionThese alerts are the result of Desktop Security policies defined in Check Point SmartCenter and installed on remote VPN-1 SecureClient hosts when the clients connect to download a policy.

The Check Point Global parameter enforce_ip_forwarding has been set to true in $FWDIR/conf/local.scv of the SmartCenter/Policy Server which is a file where the administrator defines the Secure Configuration Verification check for the remote VPN clients.

To resolve, use the Product Filtering option when setting up the LEA service in enVision. The option can be found by expanding the Advanced setting menu.

Legacy Article IDa36791