Cathy_Cheng
Participant

CloudGuard AWS - Endpoint Security Remote Access VPN address pool

We have deployed a CloudGuard cluster across multiple AWS Availability Zones in HA mode and are planning to enable Endpoint Remote Access VPN. The CloudGuard gateway will assign DHCP IP addresses to VPN clients.

1. The DHCP pool does not belong to any AWS VPC CIDR range. It is a local subnet in the CloudGuard gateway. Is it correct?

2. Other VPCs will route traffic destined for the VPN client pool to the CloudGuard VPC, and then the CloudGuard VPC route table is set up to route traffic destined for the VPN client IP pool to the active member ENI. Is it correct?

Thanks in advance for any response.


Accepted Solutions
Nir_Shamir
Employee

When you say "DHCP IP addresses", do you mean the local Office Mode IP addresses, or are you actually using a DHCP server to assign IP addresses?

The local Office Mode IP address pool is a set of IP addresses assigned by the GW to the clients, and it is local to the GWs.

Regarding the route, you are correct: you need to return the traffic toward the remote access clients towards the GW, unless you are hiding them behind the GW using NAT.
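
An added example (not part of the original thread, and not Check Point code): a Python check of the design discussed above, run over constructed route tables shaped like the EC2 `describe-route-tables` output. The pool CIDR, all IDs, and the use of a transit gateway between the VPCs are assumptions made for the example.

```python
import ipaddress

def overlapping_vpcs(pool, vpc_cidrs):
    """VPC CIDRs that overlap the Office Mode pool (the design expects none)."""
    net = ipaddress.ip_network(pool)
    return [c for c in vpc_cidrs if net.overlaps(ipaddress.ip_network(c))]

def route_target(table, pool):
    """Target of the most specific IPv4 route that covers the whole pool."""
    net, best = ipaddress.ip_network(pool), None
    for r in table["Routes"]:
        cidr = r.get("DestinationCidrBlock")  # skip IPv6 / prefix-list routes
        if cidr is None:
            continue
        dest = ipaddress.ip_network(cidr)
        if net.subnet_of(dest) and (best is None or dest.prefixlen > best[0].prefixlen):
            best = (dest, r.get("NetworkInterfaceId")
                    or r.get("TransitGatewayId") or r.get("GatewayId"))
    return best[1] if best else None

def check(pool, vpc_cidrs, tables, expected):
    """expected: route table id -> target that return traffic to the pool must use."""
    findings = [f"pool overlaps VPC CIDR {c}" for c in overlapping_vpcs(pool, vpc_cidrs)]
    for t in tables:
        got, want = route_target(t, pool), expected[t["RouteTableId"]]
        if got != want:
            findings.append(f"{t['RouteTableId']}: pool -> {got}, expected {want}")
    return findings

# Constructed sample data (all ids and CIDRs are made up for this example).
POOL = "172.16.10.0/24"
VPCS = ["10.0.0.0/16", "10.1.0.0/16"]  # CloudGuard VPC, one spoke VPC
TABLES = [
    {"RouteTableId": "rtb-spoke", "Routes": [
        {"DestinationCidrBlock": "10.1.0.0/16", "GatewayId": "local"},
        {"DestinationCidrBlock": "0.0.0.0/0", "TransitGatewayId": "tgw-example"}]},
    # Constructed misconfiguration: pool route points at the standby member's ENI.
    {"RouteTableId": "rtb-cloudguard", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
        {"DestinationCidrBlock": "172.16.10.0/24", "NetworkInterfaceId": "eni-standby"}]},
]
EXPECTED = {"rtb-spoke": "tgw-example", "rtb-cloudguard": "eni-active"}

if __name__ == "__main__":
    for finding in check(POOL, VPCS, TABLES, EXPECTED):
        print(finding)
```

If the clients are hidden behind the gateway with NAT, as the reply notes, the pool routes checked here are not needed.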
