Table of Contents:

• Background
• Creating QR Code
• Related solutions
• Related documentation

 

Background

A QR Code is a URL that is encoded in a QR image. Check Point Mobile applications have a built-in QR scanner that can read the URL and create a VPN Site. You can create a QR Code that creates VPN Sites on handheld devices.

 

Creating QR Code

1. Download the CPQRGen Tool to your Windows computer.
   
   
2. Extract the CPQRCodeGenerator.exe tool from the ZIP file.
   
   

3. Open Windows Command Prompt:

   Start menu - Run... - cmd - click on OK.
   
   

4. Run the CPQRCodeGenerator.exe tool with mandatory parameters:

   CPQRCodeGenerator.exe name="VPN_SITE_NAME" host="VPN_SITE_ADDRESS" fingerprint="FINGERPRINT" file="PNG_FILE_NAME" [other parameters]

   • Mandatory Parameters:

     Parameter	Description	Product
     VPN_SITE_NAME	The name of the VPN Site that is shown to the user.	All
     VPN_SITE_ADDRESS	The address of the host. Example: androdemo.checkpoint.com	All
     FINGERPRINT	Fingerprint that is used for server validation. If you set the value to the server fingerprint, and the certificate is valid and signed by a trusted CA, users will not be prompted to decide if they trust the server.	All
     PNG_FILE_NAME	The file name of the output *.PNG image with the QR Code. Example: MySite.png	All

     Example:

     C:\> cpQRCodeGenerator name="Demo_VPN_Site" host="demo.example.com" fingerprint="DEMO FING ERP RINT FOR CODE" user="John Doe" file="DemoQR.png"
     
     __________ Check Point QR Code Generator __________
                  Version: 1
     
     Encoding...
     
     _____Arguments and values_____
     name = Demo_VPN_Site
     host = demo.example.com
     fingerprint = DEMO+FING+ERP+RINT+FOR+CODE
     user = John+Doe
     
     Output string: cpvpn:///?V1&name=Demo_VPN_Site&host=demo.example.com&fingerprint=DEMO+FING+ERP+RINT+FOR+CODE&user=John+Doe
     
     Encoding to file "DemoQR.png" completed successfully!
     
     C:\>
     

     Result:

     

   • Optional Parameters:

     Parameter	Description	Default Value	Product
     user	Login name for the user.	No value	All
     tun	The valid values are: kmp (IPsec tunnel) snx (SSL tunnel)	kmp	Mobile VPN
     auth	Authentication method. The valid values are: username (User name and Password) RSA (RSA SecurID) Certificate PinPad (Keypad for PIN code) KeyFob (Security token key fob) Challenge (Challenge and Response method)	username	All
     port	Port to use	443	All
     url	This URL will be opened after each connection to this VPN Site.	No value	Mobile VPN
     remoteActions	Enables using the VPN Site API. The valid values are: yes no	no	Mobile VPN
     realm	When Multi-Realm (Multi-factor authentication) is configured on the VPN site, this key should be used instead of the 'auth' key. The value should be the realm (Login Option) Name as configured on the dashboard (not the display name shown to the user).	No value	Mobile VPN
     wifiOnly	Allow the vpn site to connect only while the device is on wifi networks. The valid values are: yes no	no	Mobile VPN
     tcptimeout	The default timeout for connection attempts on the client is 20 seconds. Sometimes authentication through external servers and user challenges may take longer and it is possible to set a longer timeout. Value is number of seconds.	20	Mobile VPN

     
     
     

   • Parameters for Certificate Authentication:

     Parameter	Description	Default Value	Product
     regKey	Activation key that enrolls a certificate.	No value	All
     onDemand	The valid values are: yes no askUser	no	Mobile VPN
     domainAlways	An array of hosts, to which the client always tries to connect. Example: domainAlways="example1.com example2.com checkpoint.com"		Mobile VPN
     domainNever	An array of hosts, to which the client never tries to connect. Example: domainNever="example1.com example2.com checkpoint.com"		Mobile VPN
     domainIfNeeded	An array of hosts, to which the client tries to connect when necessary. Example: domainIfNeeded="example1.com example2.com checkpoint.com"		Mobile VPN

 

Related documentation

• Check Point Mobile VPN for iOS, Android, and Windows 8.1 Administration Guide.

 

Related solutions

• sk69540 (Check Point Mobile VPN application - Layer-3 VPN for Apple iPhone and iPad)