This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ilovecheckpoint
Participant
‎2024-05-06 02:15 PM

ISP redundancy and remote access

Hello, 

In our organization, gateways, are appliances on HA and managed by public ip address, on distributed environment.

External gateways are connected to Internet via layer 2 switches.

Remote sites have dual ISP, configured as primary/backup ISP redundancy.

PC use ipsec vpn on office mode.

When ISP1 fails, vpn site to site peer works correctly, as per Checkpoint mechanism to modify default route via ISP2 (even if it is not possible to install policies when ISP1 fails).

Anyway, we would love to achieve, pc on vpn, on case of ISP1 fails, to continue to work switching automatically ( as preferred ) to isp2.

Currently, it doesn't work and even configuring manually on a pc, as site the gateway ISP2 address , the remote access vpn doesn't turn on.

Is there any solution?

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2024-05-06 03:22 PM

See: https://support.checkpoint.com/results/sk/sk174207
The user will have to reconnect when the connection fails over.

0 Kudos
EVSolovyev
Collaborator
Friday
In response to PhoneBoy

hello. it seems, sk174207 have been removed. interesting why.

2024-11-22_124635.png

0 Kudos
PhoneBoy
Admin
Admin
Friday
In response to EVSolovyev

This SK has been moved to Internal partition per R&D.
The procedure in this SK was a bit of a workaround involving MEP that didn't work for everyone.
Officially, "This feature is not included in the product. If you need it, please submit a Request for Enhancement as described in sk71840."
I would also engage with your local Check Point office.

 

EVSolovyev
Collaborator
Saturday
In response to PhoneBoy

Okay, thank you for the information.

0 Kudos
the_rock
Legend
Legend
Saturday
In response to EVSolovyev

I tried accessing that same sk the other day and was surprised it was not available. Now it makes sense as to why 🙂

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events