
VPN tunnel between checkpoints

Hi guys, nice to be part of this community.

This is my first time with Check Point and I'm facing bizarre behavior.

We have a Check Point Gaia R81.10 cloud version running on AWS; on the other hand, a Cluster XL 81.10.

Both of them have multiple (at least 5) IPsec VPN tunnels to different non-Check Point gateways that are working without any problem. We use those tunnels to share BGP routes between the gw and CP-FWs.

The issue starts when we try to create a VPN tunnel between the CP on AWS and the Cluster using the following config:


Star Community 

center: CP-AWS  Satellite: CP-CLUSTER XL

VPN domain route-based,

allow traffic,

any encryption,

tunnel management per gateway no permanent

and then everything by default 

As soon as we created the tunnel, we saw in the Check Point SmartView Monitor that the tunnel was created with the incorrect members.

Like: on TEST community, CP-CLUSTER XL to NONCPGW (an interoperable device)

They (CP-AWS and the NONCPGW) are not in the same subnet or anything similar; the only thing that they share is that both of the CP-FWs have a tunnel and a BGP session to this NONCPGW.

Did you face this behavior before? Maybe a related SK?

Thank you



