- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Re: CG IaaS HA | Manage azure Public IPs associate...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
CG IaaS HA | Manage azure Public IPs associated to VMs, whithin CheckPoint
Hello all,
We're implementing a Cloud Guard IaaS solution on Microsoft Azure.
Currently our Virtual Machines are published directly to the Internet using their corresponding Public IP address and ACL's are configured using Network Security Groups.
We're routing this outbound traffic to Check Point gateway using an Azure Route Table and it works fine.
Now we're trying to configure Inbound NAT to these same virtual machines through Check Point but it's not working.
What we've done until now:
1 - Configured a static route in both Check Point gateways destined to source Virtual Machine's network through Check Point's backend interface;
2 - Associated Virtual Machines' Public IP address to Check Point's frontend Load Balancer object in Azure;
3 - In Check Point, created a firewall policy destined to Check Point cluster object and allowing our traffic;
4 - Created an Inbound NAT rule in Check Point to translate traffic destined to Check Point cluster object to be translated into Virtual Machine object.
1 - Configured a static route in both Check Point gateways destined to source Virtual Machine's network through Check Point's backend interface;
2 - Associated Virtual Machines' Public IP address to Check Point's frontend Load Balancer object in Azure;
3 - In Check Point, created a firewall policy destined to Check Point cluster object and allowing our traffic;
4 - Created an Inbound NAT rule in Check Point to translate traffic destined to Check Point cluster object to be translated into Virtual Machine object.
Thanks for your help!
Best regards,
Dmitry
- Tags:
- Cloud Guard IAAS
1 Reply
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What precise results are you getting?
What are you seeing in the logs?
Have you confirmed the traffic even reaches the gateway?
What version/JHF level?
What are you seeing in the logs?
Have you confirmed the traffic even reaches the gateway?
What version/JHF level?