https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49361#M9665 <P>You can only have one default gateway on a given device, which should generally point towards the Internet.</P> <P>To be able to reach internal networks from your gateway, you will need to create specific routes for each network pointing to the next hop required to reach that network.&nbsp;</P> <P>Again, a network diagram would be exceptionally helpful.</P> Sun, 31 Mar 2019 16:03:19 GMT PhoneBoy 2019-03-31T16:03:19Z https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49299#M9658 <P>Hi Checkmate,&nbsp;</P><P>I will greatly appreciate if anyone could help me after a week of fruitless research as I am new learner. I am using a checkpoint 4200 with gaia R77.30 on it, I have enable Vlan 10 for my inside to access the internet and the interface mgmt is on different VLAN.</P><P>I am using a Cisco switch L3 configure with several VLANs, my question is how to configure the checkpoint for all the default gateways to allow inside mgmt&nbsp;</P><P>&nbsp;</P> Sat, 30 Mar 2019 17:55:55 GMT https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49299#M9658 BNgala 2019-03-30T17:55:55Z https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49314#M9660 A network diagram would be very helpful. Sun, 31 Mar 2019 01:04:13 GMT https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49314#M9660 PhoneBoy 2019-03-31T01:04:13Z https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49315#M9661 <P>From my previous post,</P><P>I would like to know how could I configure the default gateway to allow the inside to access the internet and the default gateway for the inside management.</P><P>for example in cisco is ip route 0.0.0.0 &nbsp;0.0.0.0 (ip address) default gateway, so how to configure this in checkpoint.</P><P>&nbsp;</P><P>many thanks.</P> Sun, 31 Mar 2019 01:21:46 GMT https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49315#M9661 BNgala 2019-03-31T01:21:46Z https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49321#M9662 <P>Here is an nice documentation:</P> <P><A href="https://community.checkpoint.com/t5/The-CheckMates-Blog/Welcome-to-Check-Point-for-Beginners/ba-p/31877" target="_self">Check Point for Beginners</A></P> Sun, 31 Mar 2019 08:51:59 GMT https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49321#M9662 HeikoAnkenbrand 2019-03-31T08:51:59Z https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49325#M9663 <P><SPAN>Hi <a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/28018">@BNgala</a>&nbsp;</SPAN></P> <P><SPAN>I agree with&nbsp; <a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/7">@PhoneBoy</a>&nbsp; a network diagram would be very helpful.</SPAN></P> <P><SPAN>I don't understand the question 100%.</SPAN></P> <P>&nbsp;</P> <P><SPAN>1) Add three interfaces in GAIA</SPAN></P> <P><SPAN>a) external (for&nbsp;example eth1) &gt; internet</SPAN></P> <P><SPAN>b) internal lan (for example eth2.123) &gt; your network</SPAN></P> <P><SPAN>c) management (for example eth2.10) &gt; your management vlan</SPAN></P> <P><SPAN>&nbsp; &nbsp; (set this interface to management)</SPAN></P> <P><SPAN>2) On Cisco switch allow only the used vlan's on the trunk&nbsp;(for example vlan 10 and vlan 123)</SPAN></P> <P><SPAN>3) Add the default route in GAIA to internet</SPAN></P> <P><SPAN>4) In the SmartConsole</SPAN></P> <P><SPAN>&nbsp;a) In the gateway object get the interface topology&nbsp;</SPAN></P> <P><SPAN>&nbsp;b) Set IP spoofing (external to external interface (for example eth1) , internal lan (for example eth2.123) to &gt; network topology) and management&nbsp;(for example eth2.10) to &gt; network topology)</SPAN></P> <P><SPAN>&nbsp;c) On the gateway objekt enable hide NAT</SPAN></P> <P><SPAN>&nbsp;d) Add access rules</SPAN></P> <P><SPAN>&nbsp;</SPAN></P> Sun, 31 Mar 2019 09:27:14 GMT https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49325#M9663 HeikoAnkenbrand 2019-03-31T09:27:14Z https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49361#M9665 <P>You can only have one default gateway on a given device, which should generally point towards the Internet.</P> <P>To be able to reach internal networks from your gateway, you will need to create specific routes for each network pointing to the next hop required to reach that network.&nbsp;</P> <P>Again, a network diagram would be exceptionally helpful.</P> Sun, 31 Mar 2019 16:03:19 GMT https://community.checkpoint.com/t5/General-Topics/CP-Gateway-Management/m-p/49361#M9665 PhoneBoy 2019-03-31T16:03:19Z