cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Danny
Pearl

Check Point Site-to-Site VPN Compatibility Matrix

https://lh6.ggpht.com/pH5d9VdGgtFUPA_L7UPAYkdTSIOYNwzAu0x23RVbxIjZlEWxjUrrWS3oYtWgM24e2ew=w150

This document is a community project showcasing a matrix of Check Point Site-to-Site IPsec-VPN setups known to work with other vendors, tested and evaluated by members of Check Point's CheckMates community.

Check PointOther VPN vendorVPN method:Evaluated by:
R77.30, R80.10Cisco ASAIKEv1, IKEv2Danny Jung
R77.30Sophos UTMIKEv1Danny Jung
R77.30Fortinet FortigateIKEv1Danny Jung
R77.30WatchGuard XTMIKEv1Danny Jung
R77.30Juniper SRXIKEv1Danny Jung
R77.30 (vSEC on AWS)Azure VPN (Basic)IKEv1Ron N
R77.30 (vSEC on AWS)Azure VPN (High Performance)IKEv2Ron N

Also see: VPN Datasheet

7 Replies
Admin
Admin

Re: Check Point Site-to-Site VPN Compatibility Matrix

Channeling Moti Sagey‌ as I write this response

Admin
Admin

Re: Check Point Site-to-Site VPN Compatibility Matrix

LOL 

Re: Check Point Site-to-Site VPN Compatibility Matrix

Hi! help me please!

How do I configure the VPN Site (Site to site) on the 1490 device (webGUI) - ??

1 device = chqckpiont 1490

2 device = watchguard m200 (configured)

with a checkpoint 1490 (web GUI), I have never worked.

I've tried many options for setting the checkpoint

what you need to configure except: VPN -VPN Sites ?

0 Kudos
Admin
Admin

Re: Check Point Site-to-Site VPN Compatibility Matrix

Not knowing anything about Watchguard systems, I can't tell you exactly what knobs you need to turn to make them talk.

But finding the answers to the following questions will help: what information do we need from the remote site customer when creating site to site VPN? 

See also: Check Point 1100/1200R/1400 Appliances Locally Managed R77.20.80 Administration Guide 

0 Kudos

Re: Check Point Site-to-Site VPN Compatibility Matrix

I do not need Watshgard settings, I need to understand what I need to configure in checkpoint. what settings, which menu to go to? - it is through the WEB GUI

0 Kudos
Admin
Admin

Re: Check Point Site-to-Site VPN Compatibility Matrix

The documentation I linked above should describe how to configure it.

Visually, you'd start here:

If your device is set for Central management, you will not see this menu.

That can be changed here:

0 Kudos

Re: Check Point Site-to-Site VPN Compatibility Matrix

Hi all, don't know what the requirements are but I want to let you know I'm in condition to contribute with success cases for working S2S VPN from CP's R80.10 to Cisco ASA 5505(8.3) and/or Fortigate 600c(OS 5.2.4).

The S2S to Cisco ASA was fully developed by us (also we do a VPN from a CP 1450 R77.20.80 to the same ASA), but to the Fortigate was done by other people on the other side (maybe the next year will have some Fortigate here to play around).

Also the S2S to the Fortigate is a kind of a tricky one, as on the other side they have same subnets as we do, so we've to do some weird static NAT rules to make it work and don't overlap encryption domains.

Let me know how can I help the community with this, thanks

0 Kudos