14
Using Managed Services
3. You can verify that the tunnel is open by sending packets from IP40 to the VPN-1 GW.
Check Point Side
1. Enable LSM: In the command prompt, type "LSMenabler on" and reset the FW services.
2. Open SmartDashboard (SD) and define new Safe@ LSM profile.
3. Name the LSM profile, and click OK.
4. Click Save on SD, and close SD. Open SmartLSM.
5. Define new Safe@ ROBO, and select the LSM profile you have defined. Make sure to
choose the correct HA type (IP40, IP30 etc).
6. Open SD again, and define a Star Community.
Place VPN-1 GW in the "Central Gateway", and the LSM profile in "Satellite Gateway".
7. Define a new UDP service on ports 9281-9282, and call it SW.
8. Place SW service in Excluded Services of the Star Community you have defined.
9. Create the rule base, or policy used for managing your device.
10. Install the policy.
168
http://my.firewall/vpntopo.html
Nokia IP40 User Guide