Denis_Clancy
Explorer

R77.30 VPN to AWS - Manually defined encryption domain (subnet clash)


Hi Folks,

I was hoping you could help me out with a query. I'm in the process of setting up a VPN to Amazon AWS, following the Check Point guide below.

Solution ID: sk100726

How to configure IPsec VPN tunnel between Check Point Security Gateway and Amazon Web Services VPC u... 

I had a question around the statement below:

What needs to be done in the instance that a local network that will be served by the AWS VPN is already defined manually as part of another existing VPN domain on the R77.30 cluster?

I am unable to remove it from the existing VPN domain as per the instruction because the local subnet will continue to require access via the existing VPN.

Thanks in advance guys.


Accepted Solutions
Vladimir
Champion

You can try some of the solutions listed here:

Troubleshooting Overlapping Encryption Domains Issues 

If I recall correctly, I've used some crazy NAT rules to phantom objects to overcome a similar issue.

Denis_Clancy
Explorer

Thanks Vladimir, I'll dig through that article.

Denis
