Checkpoint使用手册(自制).pdf

work

609

154页

5次

2022-04-12

5墨值下载

By freeit_gyh

第 1 / 154 页

Checkpoint 使用手册

一.概述 .................................................................................................................................................... 3

1.Checkpoint Firewall 简介 ............................................................................................................ 3

2.Checkpoint 系统 .......................................................................................................................... 3

3.CheckPoint 的管理 ...................................................................................................................... 3

4.Checkpoint 策略(需完善) ........................................................................................................... 4

二．R77.20 Vmware 安装 ..................................................................................................................... 4

1.安装简介与准备 ......................................................................................................................... 4

2.安装 Linux&Gaia 系统 ................................................................................................................ 5

3.安装 CP 系统---安装 SMS .........................................................................................................13

4.安装 CP 系统—安装 SG............................................................................................................25

5.向 SMS 管理平台添加 CP ........................................................................................................29

6.Checkpoint 授权 ........................................................................................................................34

7.SMS 双机热备 ...........................................................................................................................36

三.实验案例 ..........................................................................................................................................43

1.透明防火墙................................................................................................................................43

2.Cluster XL—CP 双机热备 ..........................................................................................................47

3.策略 ............................................................................................................................................64

4.NAT..............................................................................................................................................77

4.1.NAT 特点.........................................................................................................................77

4.2.NAT 分类.........................................................................................................................77

4.3.NAT 配置介绍 ................................................................................................................78

4.4.配置 Hide NAT ................................................................................................................79

4.5.Manaul NAT 与动态地址池 NAT 转换 .........................................................................84

4.6. 配置 Static NAT ............................................................................................................88

5.穿越用户认证(R70 之前版本) .................................................................................................90

5.1.简介 ................................................................................................................................90

5.2.实验案例 ........................................................................................................................91

5.2.1.实验拓扑 .............................................................................................................91

5.2.2.User Auth 认证 ...................................................................................................92

5.2.3.Session Auth 认证 ..............................................................................................97

5.2.4.Client Auth 认证 ...............................................................................................100

5.2.5.Radius 认证 .......................................................................................................104

6.Identity Awareness(R70+版本)...............................................................................................109

6.1.Identity Awareness 简介 .............................................................................................109

6.2.实验案例 ......................................................................................................................109

6.2.1.实验拓扑 ...........................................................................................................110

6.2.2.WEB Auth...........................................................................................................110

6.2.3.AD Query 实现的单点登录 .............................................................................132

四.IPSec VPN........................................................................................................................................137

1.Checkpoint 中的 IPSec 简介 ...................................................................................................137

2.IPSec Site-to-Site VPN(CISCO 与 CP 对接) .............................................................................138

By freeit_gyh

第 2 / 154 页

3．IPSec Site-to-Site VPN-Star Communities(CP 之间对接)...................................................147

of 154

5墨值下载

防火墙

关注

评论