https://community.checkpoint.com/t5/Firewall-and-Security-Management/Route-Internet-traffic-through-S2S/m-p/233969#M45316 <P>You'll need a Star VPN Community configured as follows:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/28572i9C5F71A39158B2A7/image-size/medium?v=v2&amp;px=400" role="button" title="image.png" alt="image.png" /></span></P> <P>Even if the SMB devices are not managed centrally, you can configure the remote site to be "Route all traffic":</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/28573i4EFAAD4C817CB41A/image-size/medium?v=v2&amp;px=400" role="button" title="image.png" alt="image.png" /></span></P> <P>So definitely possible.</P> Wed, 27 Nov 2024 16:25:55 GMT PhoneBoy 2024-11-27T16:25:55Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Route-Internet-traffic-through-S2S/m-p/233951#M45310 <P>Hi all,</P> <P>we have a central VPN-Gateway&nbsp;R81.20 and several&nbsp;Quantum Spark 1550 Appliance&nbsp;R81.10.08</P> <P>All&nbsp;Appliance are connected to the Central VPN-Gateway via S2S VPN to access some internal resources behind&nbsp;VPN-Gateway.</P> <P>Now I was given a task to&nbsp;<SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="0:9">set</SPAN><SPAN> up </SPAN><SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="10:3">everything</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="14:3">so</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="19:5">that</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="25:8">Internet</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="34:6">traffic</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="41:2">from</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="44:8">branches</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="53:3">goes</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="57:5">through</SPAN><SPAN> a S2S&nbsp;</SPAN><SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="63:3">VPN</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="67:1">and</SPAN><SPAN>&nbsp;the&nbsp;</SPAN><SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="69:11">central</SPAN> <SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="81:7">gateway. Where can I begin?&nbsp;<SPAN>I </SPAN>guess I need<SPAN> to </SPAN>either set<SPAN> up a </SPAN>policy or enable<SPAN> a check </SPAN>mark<SPAN> somewhere </SPAN>to route everything through<SPAN> a </SPAN>VPN. If<SPAN>, of </SPAN>course<SPAN>, </SPAN>it<SPAN> is </SPAN>even possible</SPAN></P> <P><SPAN class="EzKURWReUAB5oZgtQNkl" data-src-align="81:7">Thank you!</SPAN></P> Wed, 27 Nov 2024 15:47:06 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Route-Internet-traffic-through-S2S/m-p/233951#M45310 Exonix 2024-11-27T15:47:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Route-Internet-traffic-through-S2S/m-p/233969#M45316 <P>You'll need a Star VPN Community configured as follows:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/28572i9C5F71A39158B2A7/image-size/medium?v=v2&amp;px=400" role="button" title="image.png" alt="image.png" /></span></P> <P>Even if the SMB devices are not managed centrally, you can configure the remote site to be "Route all traffic":</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/28573i4EFAAD4C817CB41A/image-size/medium?v=v2&amp;px=400" role="button" title="image.png" alt="image.png" /></span></P> <P>So definitely possible.</P> Wed, 27 Nov 2024 16:25:55 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Route-Internet-traffic-through-S2S/m-p/233969#M45316 PhoneBoy 2024-11-27T16:25:55Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Route-Internet-traffic-through-S2S/m-p/233971#M45317 <P>What&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/7">@PhoneBoy</a>&nbsp;mentioned is EXACTLY what you need.</P> <P>Andy</P> Wed, 27 Nov 2024 16:42:30 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Route-Internet-traffic-through-S2S/m-p/233971#M45317 the_rock 2024-11-27T16:42:30Z