https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17346#M2932 <HTML><HEAD></HEAD><BODY><P>From what end is the above log entry?</P><P>Not clear from your description.</P><P></P><P>In any case, having the remote end include the public IP of your gateway in their definition of the encryption domain might also help.</P></BODY></HTML> Wed, 19 Dec 2018 13:41:37 GMT PhoneBoy 2018-12-19T13:41:37Z https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17343#M2929 <HTML><HEAD></HEAD><BODY><P>Hi all,</P><P></P><P>This is my first time using checkmate. I just want to ask some question regarding sending Syslog using LogExporter via Site-to-Site (S2S) VPN. Basically, we want to create S2S VPN with 3rd party firewall. I have done configure&nbsp;interoperable device on SmartConsole. The issue is when I trying to ping from my checkpoint management to other SIEM server, the connection is drop. (You may refer my network diagram for detail). From another side, they said I advertise&nbsp;my VPN tunnel using Public IP instated local subnet</P><P></P><P>I have viewed the log from SmartView tracker and here the detail log;</P><P>Traffic</P><P>Source: y.y.y.4 (physical Public IP Gateway)</P><P>Destination: x1.x1.x1.10 (External Syslog Server)</P><P>Protocol: ICMP</P><P>Interface: eth1 (Public IP Port)</P><P>More</P><P>NAT additional rule number: 0</P><P>NAT rule number: 0</P><P>Xlate Src: y.y.y.5 (Virtual Public IP Gateway)</P><P>VPN Peer Gateway: y.1.y1.y1.2 (Public IP 3rd Party Firewall)</P><P></P><P>From 3rd party firewall side, they define my&nbsp;peer local subnet as x.x.x.253 and x.x.x.200. On my VPN Domain, I have&nbsp;set IP x1.x1.x1.10. Should I create manual NAT on CheckPoint or define CheckPoint Public IP as peer local subnet?</P><P></P><P>Can someone advise me on this?&nbsp;Thank you in advance</P></BODY></HTML> Tue, 18 Dec 2018 15:12:23 GMT https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17343#M2929 Aiman_Azzim 2018-12-18T15:12:23Z https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17344#M2930 <HTML><HEAD></HEAD><BODY><P>Make sure your VPN community has NAT disabled:</P><P></P><P><IMG class="j-img-floatstart image-1 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/76487_pastedImage_1.png" style="float: left;" /></P></BODY></HTML> Wed, 19 Dec 2018 00:03:53 GMT https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17344#M2930 PhoneBoy 2018-12-19T00:03:53Z https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17345#M2931 <HTML><HEAD></HEAD><BODY><P>Hello Dameon,</P><P></P><P>Yes, I already tick on "disable NAT inside the VPN community"</P><P></P><P>thanks,</P></BODY></HTML> Wed, 19 Dec 2018 01:52:46 GMT https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17345#M2931 Aiman_Azzim 2018-12-19T01:52:46Z https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17346#M2932 <HTML><HEAD></HEAD><BODY><P>From what end is the above log entry?</P><P>Not clear from your description.</P><P></P><P>In any case, having the remote end include the public IP of your gateway in their definition of the encryption domain might also help.</P></BODY></HTML> Wed, 19 Dec 2018 13:41:37 GMT https://community.checkpoint.com/t5/General-Topics/Send-Log-to-other-SIEM-server-using-site-to-site-VPN/m-p/17346#M2932 PhoneBoy 2018-12-19T13:41:37Z