How To Get Check Point Secure Client Working With Sprint EVDO
When I was at the car dealer yesterday giving my car some service love, I hung out at the dealership while the repair was taking place. My dealer is pretty good–they give you a coupon (or two) for a free latte while you wait for your car to be serviced. They offer WiFi throughout their waiting area. They also have a “lounge” where you can either use one of the computers they have or use your own.
Despite the dealer having WiFi, I didn’t use it. Why? Their system requires reauthenticating every two hours, which gets old when I know I am going to be there for at least twice that long. Instead, I decided to use my Sprint EVDO dongle.
Unfortunately, I spent a long time fighting with the Sprint Connection Manager software (version 1.10.0023.0) instead of working. When I tried to use it to connect, then started up my VPN to connect to the office, my EVDO connection would unceremoniously disconnect. I don’t remember my Verizon card ever doing this.
I eventually figured out how to get this combination working. The hint is in the graphic here. Sprint’s software–and presumably Verizon’s software–are simply front ends for the standard Windows dial-up networking. Sprint’s software also has this NDIS mode in it–make sure it’s set to RAS before you do this trick.
In Check Point Secure Client (which us old-timers still call SecuRemote), I told it to use a Dial-up connection, which shows up in the Connection window. In my case, I ticked the Use Dial-up option and used the connection called CDMA. There was another one called 3G Connection that I didn’t try. After this, Secure Client properly brought up the EVDO connection and started my VPN. The connection didn’t drop once and worked reliably for the rest of the time I was at the dealer.
I left the Sprint Connection Manager software running, but I don’t believe it was necessary. It continued to show me signal strength and the like, but I did not see any details about how much data I was sending and receiving. That’s ok, just as long as my EVDO worked.
Bookmark with: del.icio.us Digg it Furl iFeedReaders ma.gnolia Maple.nu RawSugar reddit Simpy StumbleUpon
Tags: check point, secure client, securemote, sprint, sprint connection manager, sprint evdo Fnord
Comment by spg
i am starting to wonder how things would work if i took one of those dongle’s and than called STI Mobile and asked them to activate it on their prepaid plan with $0.19/day unlimited web browsing option? i imagine that the dongle is network locked and so would need a bit of a hack. i am going to look into this a bit more; i think it may be very interesting.
Comment by Martin
Hi,
I see that you have a lots of experience with Check Point. My new job is forcing me to use a “Check Point” VPN-1 client. I have one question. I am a Linux lover. Do you have any idea if it’s possible this “Check Point VPN-1″ client to be replaced with something in Linux [openswan I suspect] and be able to successful connect my Linux with corporate network ?
Thank you !
Comment by a2poor
there is actually a setting in Sprint Smart View that needs to be adjusted in order for Checkpoint to work. the method above did not work in my case. using Sprint Smart View v. 1.16, go to Settings and then the Rules tab to adjust how the connection manager reacts to alternate connections. the main issue is that Smart View sees the VPN connection as a new network connection, and by default, gives way to this connection and disconnects. you can adjust the settings so that it will do nothing upon detecting a new network connection and the issue [should be] resolved.