This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Gustavo_Ferreir
Contributor
4 weeks ago

Help with Remote Access concentrator in Azure

Hello,

I'd like to share a scenario and see if anyone has experienced something similar and what your experience was.

I plan to deploy a Check Point cluster in Azure to act as a VPN concentrator for remote users. In the worst-case scenario, there will be around 2,000 concurrent users.

My concern is about the connection table. Due to a particularity of the environment, I can't configure routing within Azure to send packets originating from the Office Mode network back to the Check Point, so I'll need to use Hide NAT.

In Azure, I'm also unable to allocate additional IP addresses to the Check Point's back-end interface in order to create a NAT pool with multiple addresses. As a result, all 2,000 users will be sharing a single NAT IP. Could this cause the connection table to become overloaded?

 

 

Thank you.

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
4 weeks ago

There's a limit to the number of HIDE NAT connections to a single destination IP (50,000).
This is probably the limit you will hit before you exhaust the overall connection table.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events