https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/103407#M1879 <P>Hello team ,</P><P>We have a customer where we will be using checkpoint HA in Azure for north-south traffic .</P><P>There is an Azure external LB before Checkpoint .</P><P>&nbsp;</P><P>Now there is another Internet Juniper VSRX Standalone FW where all the VPN tunnels(from on prem) will be terminating.</P><P>&nbsp;</P><P>Question is can we use a common Internal Load Balancer for both these Firewalls .?</P><P>&nbsp;</P><P>We want all the outbound traffic to go via Checkpoint&nbsp;</P><P>and all the on-prem specific traffic go via vSRX</P><P>&nbsp;</P><P>There is a plan to have a F5 WAF after the Internal Load Balancer.</P><P>&nbsp;</P><P>So can we have a common Internal Load Balancer to serve as a backend for both Checkppoint and Juniper</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 26 Nov 2020 11:38:15 GMT a_security 2020-11-26T11:38:15Z https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/103407#M1879 <P>Hello team ,</P><P>We have a customer where we will be using checkpoint HA in Azure for north-south traffic .</P><P>There is an Azure external LB before Checkpoint .</P><P>&nbsp;</P><P>Now there is another Internet Juniper VSRX Standalone FW where all the VPN tunnels(from on prem) will be terminating.</P><P>&nbsp;</P><P>Question is can we use a common Internal Load Balancer for both these Firewalls .?</P><P>&nbsp;</P><P>We want all the outbound traffic to go via Checkpoint&nbsp;</P><P>and all the on-prem specific traffic go via vSRX</P><P>&nbsp;</P><P>There is a plan to have a F5 WAF after the Internal Load Balancer.</P><P>&nbsp;</P><P>So can we have a common Internal Load Balancer to serve as a backend for both Checkppoint and Juniper</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 26 Nov 2020 11:38:15 GMT https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/103407#M1879 a_security 2020-11-26T11:38:15Z https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/103563#M1880 <P>Hello</P><P>&nbsp;</P><P>Anyone please ?</P> Fri, 27 Nov 2020 20:21:49 GMT https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/103563#M1880 a_security 2020-11-27T20:21:49Z https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/103572#M1881 <P>As far as I know, load balancers don’t support IPSec traffic at all.</P> Sat, 28 Nov 2020 02:54:44 GMT https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/103572#M1881 PhoneBoy 2020-11-28T02:54:44Z https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/104452#M1882 <P>Hi,</P> <P>I would use UDRs (User defined Routes) to direct the OnPrem networks to the Juniper SRX</P> <P>Could be both ways, depending on where (subnet) you deploy your UDRs:</P> <P>1. OnPrem &lt;-&gt; SRX &lt;-&gt; CP &lt;-&gt; Azure</P> <P>2. OnPrem &lt;-&gt; SRX &lt;-&gt; Azure</P> <P>&nbsp;</P> <P>Matthias</P> Mon, 07 Dec 2020 07:47:09 GMT https://community.checkpoint.com/t5/Cloud-Firewall/Azure-Internal-Load-Balancer-after-checkpoint/m-p/104452#M1882 Matthias_Haas 2020-12-07T07:47:09Z