Incoming traffic inspection - GCP

Rafal_N — Fri, 18 Sep 2020 11:56:08 GMT

Hi,

I'm starting working and getting to know CheckPoint in Cloud solutions so sorry for my question if it's obvious for Cloud Architecture.

Is it normal and only way that if we want to run service for internet users in some VCP and inspect traffic using CheckPoint we have to hide all internet behind CheckPoint adres (do the source NAT)??

sk114577:

No.	Original Source	Original Destination	Original Services	Translated Source	Translated Destination	Translated Services	Install On	Comment
1	All_Internet	LocalGateway	HTTP-8083	H LocalGateway	S web2-internal-lb	http	* Policy Targets

Doesn't bother web server/web app developer etc? All other solutions works in that way?

Best regards,

Rafal

Re: Incoming traffic inspection - GCP

PhoneBoy — Sun, 20 Sep 2020 22:06:38 GMT

To ensure the traffic goes through the Check Point gateway, some form of NAT is required.
Generally HIDE NAT is used.

topic Re: Incoming traffic inspection - GCP in Cloud Firewall

Incoming traffic inspection - GCP

Re: Incoming traffic inspection - GCP