How to set up a basic AWS vSEC with a VPN back to Home office?
We have been having major difficulties setting up the most basic configuration for our office. We have spoken to 5 Check Point engineers over 3 weeks and still have not been able to get the firewall online.
Here is the layout and the request:
We have a central office that we VPN from to the AWS Check Point vSEC device. We have 1 server in AWS in our VPC.
We are trying to have all traffic coming into the VPC from our office go through the firewall and any traffic leaving the VPC go through the firewall as well.
The issue we have is a routing issue. We seem to not be able to get both the server and the firewall to talk back to our central office. We can see the firewall, and push policies, but cannot see the server behind it. In order for the vSEC device to get to the internet, there has to be a static route of 0.0.0.0/0 to inetgateway in your VPC, and then we place our internal subnets pointing to the interface on the vSEC device.
The traffic will go to the firewall, but never come back to the office. No pings, nothing. Like a black hole. All the rules are wide open.
I don't understand how the most simple AWS VPC deployment has brought a vSEC to its knees and no one can figure this out...