https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216794#M41298 <P>That would explain blades "behavior". As far as rules, you can apply same policy, should not be an issue.</P> Fri, 07 Jun 2024 06:03:48 GMT the_rock 2024-06-07T06:03:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216313#M41236 <P>Hi</P> <P>I got this new 1575 appliance and now with 30 days license, <STRONG>all blades are greyed out except for firewall blade.</STRONG></P> <P><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="smb-greyed-out.JPG" style="width: 534px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/26069iC38CAE9151BBFEB7/image-size/large?v=v2&amp;px=999" role="button" title="smb-greyed-out.JPG" alt="smb-greyed-out.JPG" /></span></STRONG></P> <P>&nbsp;</P> <P><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="topology1.jpg" style="width: 812px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/26059iF4A35A0742533E7F/image-size/large?v=v2&amp;px=999" role="button" title="topology1.jpg" alt="topology1.jpg" /></span></STRONG></P> <P data-sourcepos="7:1-7:1">&nbsp;</P> <P><SPAN>The appliance has been successfully added to Smart Management Server (SMS) using a dynamic IP address.</SPAN></P> <P><STRONG>Our goal</STRONG><SPAN> is to configure this appliance to function solely as a VPN Gateway.</SPAN><SPAN> This means all traffic will be routed through a VPN tunnel to a central office where it will be subjected to policy enforcement.</SPAN></P> <P><LI-WRAPPER></LI-WRAPPER></P> <P>Can you please advise on how to implement this setup?"</P> <P>&nbsp;</P> <DIV class="container">&nbsp;</DIV> <P><LI-WRAPPER></LI-WRAPPER></P> <P data-sourcepos="15:1-15:96">&nbsp;</P> <P><LI-WRAPPER></LI-WRAPPER></P> Tue, 04 Jun 2024 10:54:31 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216313#M41236 Moudar 2024-06-04T10:54:31Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216622#M41274 <P>Is the 1575 managed by the SMS or has been added as an external object?<BR />If centrally managed, all of the configuration is done there:&nbsp;<A href="https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SitetoSiteVPN_AdminGuide/Content/Topics-VPNSG/Getting-Started.htm?Highlight=route%20all%20traffic" target="_blank">https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SitetoSiteVPN_AdminGuide/Content/Topics-VPNSG/Getting-Started.htm?Highlight=route%20all%20traffic</A><BR />If locally managed, then you will also need to perform configurations here:&nbsp;<A href="https://sc1.checkpoint.com/documents/SMB_R81.10.X/AdminGuides_Locally_Managed/EN/Content/Topics/Configuring-Site-to-Site-VPN-Blade.htm" target="_blank">https://sc1.checkpoint.com/documents/SMB_R81.10.X/AdminGuides_Locally_Managed/EN/Content/Topics/Configuring-Site-to-Site-VPN-Blade.htm</A><BR />"Route all traffic" is a supported configuration in either case.</P> Thu, 06 Jun 2024 01:12:18 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216622#M41274 PhoneBoy 2024-06-06T01:12:18Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216791#M41297 <P>1575 is managed by the SMS (centrally managed).</P> <P>If the central office has more blades enabled than the branch office, and we need to use the 'Star community – To center or through the center to other satellites, to Internet and other VPN targets' option, how can we install the same policy rule? Do we need to create a new policy specifically for the branch office?</P> <P>Or maybe we don't need to install the same policy on branch office? Only 2-3 rules to send the traffic through the VPN?!</P> Fri, 07 Jun 2024 04:53:31 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216791#M41297 Moudar 2024-06-07T04:53:31Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216794#M41298 <P>That would explain blades "behavior". As far as rules, you can apply same policy, should not be an issue.</P> Fri, 07 Jun 2024 06:03:48 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216794#M41298 the_rock 2024-06-07T06:03:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216885#M41315 <P>You'll probably want to install a different policy package on the branch office with just the rules you need.</P> Fri, 07 Jun 2024 20:44:22 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/SMB-1575-blades-greyed-out/m-p/216885#M41315 PhoneBoy 2024-06-07T20:44:22Z