cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

BGP over VPN between Azure.docx

Documentation which explains how to deploy a site to site VPN between an Azure VPN Gateway and Check Point R80.10 Gateway with BGP routing exchange via route based vpn.

Tags (1)
9 Replies
Highlighted

Re: BGP over VPN between Azure.docx

I've read that VTI is not supported in VSX mode.  Can I follow this procedure in VSX mode?

0 Kudos
Highlighted
Employee+
Employee+

Re: BGP over VPN between Azure.docx

Sorry, vti and VSX still don't work together

0 Kudos
Highlighted

Re: BGP over VPN between Azure.docx

Confirmed, and I suspect the reason for this limitation is that VTI's are implemented by a completely separate kernel module called vpntmod.  VSX runs pretty much completely in process space.

Book "Max Power 2020: Check Point Firewall Performance Optimization" Third Edition
Now Available at www.maxpowerfirewalls.com
0 Kudos
Highlighted

Re: BGP over VPN between Azure.docx

Hi, I have a R80.10 Management and a cluster gateway R77.30. Can I follow this procedure? any aditional advice?

0 Kudos
Highlighted

Re: BGP over VPN between Azure.docx

Yes

Sent from my iPhone

0 Kudos
Highlighted

Re: BGP over VPN between Azure.docx

Hi All, I've been trying to setup VPN to Azure with BGP (I've had no problems setting up standard VPN to Azure but require BGP for dynamic routing and thus bigger VPN to Azure, as we don't want to by an Express Route). I don't understand what this is trying to say in the document;

0 Kudos
Highlighted
Ivory

Re: BGP over VPN between Azure.docx

Sorry to come back to this one.. 

On the "Interoperable Device" shouldnt the topology be the "External IP of the Azure GW" & the Azure VNET Address Space?

 

Why would i need to set my own CP External IP + Internal Subnet (on CP side) on the Interoperable Device referencing Azure?

0 Kudos
Highlighted

Re: BGP over VPN between Azure.docx

For the Azure gateway object you have to manually set the topology (on normal gateway you just fetch) and the encryption domain.

Let me know if this isn’t clear.

Sent from my iPhone

0 Kudos
Highlighted
Ivory

Re: BGP over VPN between Azure.docx

Hi Juan,

Would you happen to know if these steps also apply to Checkpoint R80.30 ?

 

 

0 Kudos