- CheckMates
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- CG IaaS HA | Manage azure Public IPs associated to...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Dmitry_Kolt
Explorer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2020-04-22
12:50 PM
CG IaaS HA | Manage azure Public IPs associated to VMs, whithin CheckPoint
Hello all,
We're implementing a Cloud Guard IaaS solution on Microsoft Azure.
Currently our Virtual Machines are published directly to the Internet using their corresponding Public IP address and ACL's are configured using Network Security Groups.
We're routing this outbound traffic to Check Point gateway using an Azure Route Table and it works fine.
Now we're trying to configure Inbound NAT to these same virtual machines through Check Point but it's not working.
What we've done until now:
1 - Configured a static route in both Check Point gateways destined to source Virtual Machine's network through Check Point's backend interface;
2 - Associated Virtual Machines' Public IP address to Check Point's frontend Load Balancer object in Azure;
3 - In Check Point, created a firewall policy destined to Check Point cluster object and allowing our traffic;
4 - Created an Inbound NAT rule in Check Point to translate traffic destined to Check Point cluster object to be translated into Virtual Machine object.
1 - Configured a static route in both Check Point gateways destined to source Virtual Machine's network through Check Point's backend interface;
2 - Associated Virtual Machines' Public IP address to Check Point's frontend Load Balancer object in Azure;
3 - In Check Point, created a firewall policy destined to Check Point cluster object and allowing our traffic;
4 - Created an Inbound NAT rule in Check Point to translate traffic destined to Check Point cluster object to be translated into Virtual Machine object.
Thanks for your help!
Best regards,
Dmitry
- Tags:
- Cloud Guard IAAS
1 Reply

Admin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2020-04-25
06:57 PM
What precise results are you getting?
What are you seeing in the logs?
Have you confirmed the traffic even reaches the gateway?
What version/JHF level?
What are you seeing in the logs?
Have you confirmed the traffic even reaches the gateway?
What version/JHF level?
