The exact need is below, from Company A, without disturbing the topology of Company B:
- Check Point gateway in proxy mode (explicit proxy)
- AD authentication
- SSL VPN
- IP-based Internet and MPLS connectivity
Present Setup
-------------------------------------------------------------------
MPLS A and MPLS B are connected with the L3 switch.
Presently, users of Company B and Company A are using the Internet through MPLS B.
== LAN user configured with proxy -> L3 switch -> MPLS B -> Internet of Company B (different geo location)
== LAN user who wants to use the application behind MPLS A -> L3 -> MPLS A -> application server
On the LAN side, the users behind the L3 switch (some users belong to Company A and some to Company B) are in the same LAN connectivity.
-------------------------------------------------------------------
Scenario after Check Point comes into the topology
User A wants Internet from Check Point = User Company A -> L3 switch -> Check Point firewall -> Internet (ISP)
User B wants Internet from MPLS B = User Company B -> L3 switch -> MPLS B -> Internet of Company B (different geo location)
== LAN user who wants to use the application behind MPLS A -> L3 -> MPLS A -> application server
-------------------------------------------------------------------
We need all of this in one cluster (two Check Point gateways) with R80.10 OS and MGMT in a VM.
So, I'm thinking of using a proxy for Company A, because we cannot forward default traffic to the Check Point firewall from the L3 switch by entering a default route. We can use a specific host route and achieve the proxy setup.
Harmesh Yadav