This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Danny
Champion Champion
Champion
‎2017-10-10 09:29 AM

Check Point Site-to-Site VPN Compatibility Matrix

https://lh6.ggpht.com/pH5d9VdGgtFUPA_L7UPAYkdTSIOYNwzAu0x23RVbxIjZlEWxjUrrWS3oYtWgM24e2ew=w150

This document is a community project showcasing a matrix of Check Point Site-to-Site IPsec-VPN setups known to work with other vendors, tested and evaluated by members of Check Point's CheckMates community.

Check Point Other VPN vendor VPN method: Evaluated by:
R77.30, R80.10 Cisco ASA IKEv1, IKEv2 @Danny
R77.30 Sophos UTM IKEv1 @Danny
R77.30 Fortinet Fortigate IKEv1 @Danny
R77.30 WatchGuard XTM IKEv1 @Danny
R77.30 Juniper SRX IKEv1 @Danny
R77.30 (vSEC on AWS) Azure VPN (Basic) IKEv1 @Ron_N
R77.30 (vSEC on AWS) Azure VPN (High Performance) IKEv2 @Ron_N


Also see: VPN Datasheet

13 Replies
PhoneBoy
Admin
Admin
‎2017-10-10 04:33 PM

Channeling Moti Sagey‌ as I write this response

Moti
Admin
Admin
‎2017-10-11 01:06 AM

LOL 

Nikita_Mashko
Explorer
‎2018-09-22 03:16 AM

Hi! help me please!

How do I configure the VPN Site (Site to site) on the 1490 device (webGUI) - ??

1 device = chqckpiont 1490

2 device = watchguard m200 (configured)

with a checkpoint 1490 (web GUI), I have never worked.

I've tried many options for setting the checkpoint

what you need to configure except: VPN -VPN Sites ?

0 Kudos
PhoneBoy
Admin
Admin
‎2018-09-22 02:47 PM

Not knowing anything about Watchguard systems, I can't tell you exactly what knobs you need to turn to make them talk.

But finding the answers to the following questions will help: what information do we need from the remote site customer when creating site to site VPN? 

See also: Check Point 1100/1200R/1400 Appliances Locally Managed R77.20.80 Administration Guide 

0 Kudos
Nikita_Mashko
Explorer
‎2018-09-23 10:36 PM

I do not need Watshgard settings, I need to understand what I need to configure in checkpoint. what settings, which menu to go to? - it is through the WEB GUI

0 Kudos
PhoneBoy
Admin
Admin
‎2018-09-24 05:13 AM

The documentation I linked above should describe how to configure it.

Visually, you'd start here:

If your device is set for Central management, you will not see this menu.

That can be changed here:

0 Kudos
SantiagoPlatero
Collaborator
‎2018-11-08 08:44 AM

Hi all, don't know what the requirements are but I want to let you know I'm in condition to contribute with success cases for working S2S VPN from CP's R80.10 to Cisco ASA 5505(8.3) and/or Fortigate 600c(OS 5.2.4).

The S2S to Cisco ASA was fully developed by us (also we do a VPN from a CP 1450 R77.20.80 to the same ASA), but to the Fortigate was done by other people on the other side (maybe the next year will have some Fortigate here to play around).

Also the S2S to the Fortigate is a kind of a tricky one, as on the other side they have same subnets as we do, so we've to do some weird static NAT rules to make it work and don't overlap encryption domains.

Let me know how can I help the community with this, thanks

0 Kudos
Aidan_Luby
Collaborator
‎2019-09-24 01:36 PM

We ran a site to site VPN from a 2200 to a Cisco 2911 ISR until recently and it mostly worked okay.

0 Kudos
Johannes_Schoen
Collaborator
‎2019-09-24 11:49 PM
In response to Aidan_Luby

Palo Alto Networks works as well with IKEv1, verified with R77.30/R80.10/R80.20
Hadn't got it running with IKEv though.
0 Kudos
eball
Explorer
‎2020-09-16 03:03 AM

Hi @Danny - just wondering if there was an updated version of this anywhere? Looking at compatibility issues of R80.40 with Juniper SRX on IKEv2

 

0 Kudos
Danny
Champion Champion
Champion
‎2020-09-16 03:43 AM
In response to eball

This list lives from the replies of this community. Please describe your issues in more detail.

0 Kudos
eball
Explorer
‎2020-09-16 04:04 AM

Hi @Danny just wondering if there was a more recently updated version of this? Looking at some issues R80.40 to Juniper SRX on IKEv2

0 Kudos
Danny
Champion Champion
Champion
‎2020-09-16 08:49 AM
In response to eball

Again, this list as update-to-date as you make it.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events