Communicating AWS vSEC with On-Prem SMS and GW
Hi,
I have some queries regarding AWS vSEC and on-prem communication:
1. I have added an AWS CloudGuard (CG) instance on our on-premise SMS through the CG public IP address. This has been successfully added and SIC established. Is this the best way to add CG?
2. I have configured a VPN between the on-prem GW and CG. This is not being established due to a certificate error, as also mentioned in the previous update. On further checking the logs of CG, I saw it could not retrieve the CRL.
3. Once the VPN is being negotiated, does communication to the CG public IP, including retrieving the CRL, go through the VPN?
4. We have seen that communication to the external GW public IP (which is also the peer IP address for the VPN) stops working. Is there any way to exclude this so CG can keep communicating with on-prem servers?
5. We are unable to see logs from this CG. The reason could be that the log servers have a local IP address on their object, which is not recognised by CG.
I would appreciate it if someone can advise on what the best practices are around the above queries.
Sajid
- Tags:
- vsec aws