This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sajid_Abbas
Contributor
‎2018-09-23 11:00 PM

Communicating AWS vSEC with On-Prem SMS and GW

Hi,

I have some queries regarding AWS vsec and on prem communication

1. I have added AWS cloudguard (CG) instance on our on-premise SMS through CG public IP address. This has been successfully added and SIC established. Is this the best way to add CG.

2. I have configured VPN between on-prem GW and CG. This is not being established due to certificate error as also mentioned in previous update. On further checking the logs of CG, i saw it could not retrieve CRL.

3. One VPN is being negotiated, does communication to CG Public IP including retrieving CRL go through VPN

4. We have seen this that communication to external GW Public IP (which is also peer IP address for VPN) stops working. Is there anyway to exclude this so CG can keep communicating with on prem servers

5. We are unable to see logs from this CG. The reason could be that log servers have local IP address on their object which is not recognised by CG.

I would appreciate if somone can advise on what are the best practices around the above queries.

Sajid

8 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events