The course is fully focused on VPN and contains 7 sections that fully cover IPsec and SSL . I show you how to build a lab in VMware workstation + in VPS.
Also, you will learn a method, I’ve used over the years on how to troubleshoot VPN related connection issues.
Expand your CCSA and CCSE knowledge.
1. Building Check Point lab
Getting a license, ISO and all necessary information to build a lab. In addition, we go trough GAIA installation and first-time configuration wizard.
2. Licensing and SmartConsole Overview
A brief but precise overview of Licesing and main console that manages the system.
3. Building a Lab in VPS
A great resource to build your own cool lab in Virtual Private Server.
4. IPsec [Lecture]
IPsec terminology is explained in a simple and understandable way.
Includes topics like:
-
Encryption Domain
-
IPsec Phase 1 and Phase 2
-
IPsec Routing
-
Permanent Tunnel (Tunnel Test and DPD)
-
NAT inside VPN
-
SA lifetime
-
NAT-T
5. Installing a Web-Server
We install a great web application designed intentionally vulnerable, so security enthusiasts can pentest and hack the web application in order to gain knowledge.
Also we install XAMPP and I show you required configuration for your web application to work.
6. Remote Access
A detailed explanation of Remote Access (Client-to-Site) type of VPN + LAB from scratch.
7. SSL VPN
Includes Mobile Access overview + SNX + Mobile Access Lab
8. IPsec [LAB]
Section includes a lab on how to deploy IPsec from scratch between two firewalls.
!!! Includes: build VPN managed by 1 Management Server + build VPN managed by separate Management Servers !!!
9. Troubleshooting [Technique Overview and Practice]
Learn unique techniques to troubleshoot Check Point VPN connections like a PRO.
Each packet of phase 1 and 2 is explained.
Hone your troubleshooting skills on real examples.
10. Endpoint Security Deployment
Contains two parts on how to deploy Endpoint Security Suite
Updated:
08.09.2020 – Endpoint Security Deployment [Part1] and [Part2]
Become a Check Point VPN pro Today!!!
Building a Lab and installing Gaia R80.40
Licensing and SmartConsole Overview
Building a lab In VPS
IPsec [Lecture]
Installing a Web Server
-
16IPsec (Overview, Terminology)
We talk over what is a VPN, what is Site-to-Site and Client-to-Site types of connection and basic terminology of VPN world.
-
17IPsec (Phase1, Phase2)
We discuss how the tunnel is being built, what is the Phase 1 and the Phase 2.
-
18IPsec Routing
Full mesh Routing
Star Routing
Mixed Routing
-
19Permanent tunnel (Tunnel Test, DPD)
We talk about what's Permanent tunnel.
The difference between Tunnel Test and Dead Peer Detection (DPD)
Also we discuss what's Active DPD and Passive DPD -
20NAT inside VPN
What happens behind the scenes when you uncheck "Disable NAT inside VPN"
-
21SA lifetime
We talk over what is SA (Security Association) and what is SA lifetime.
-
22NAT-T
What is NAT-T and where it lies in the 1st phase (IKE).
Remote Access
SSL VPN
-
26Remote access [Overview]
-
27Traffic flow [Overview]
-
28Remote access [LAB] (Part1)
Downloading and installing VPN agent
Configuring Remote Access in SmartConsole
Connecting to the External interface via our VPN agent
-
29Troubleshooting issue #1 and fixing (Part2)
-
30Troubleshooting issue#2 and fixing (Part3)
Issue:
I'm able to reach my internal interface of the Gateway. Traffic reaches the Ubuntu server, but I have no reply back to my Gateway.Fix:
Using tcpdump on linux server and on Check Point gateway to figure out where the problem is. -
31Configuration Summary
A brief summary for your reference on the steps you have to take to set up Remote Access Client-to-Site connection.
-
32Hub Mode (Part1)
-
33Hub Mode NAT (Part2)
-
34Application Control via RA (hub mode)
-
35Desktop Security Policy (legacy)
-
36Remote Access - lab