- Products
- Learn
- Local User Groups
- Partners
-
More
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
IDC Spotlight -
Uplevel The SOC
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Good morning
I wonder if any one has come across this before. We have a customer running an SMB 1400 firewall with remote access VPN users. The customer has a secondary IP address range forwarded to the gateway by the ISP. They currently use this secondary range for external NAT IP's. Because the the secondary range is not defined on the interface configuration or the routing table remote access users are not forwarding traffic through the VPN to the firewall and are instead going via the internet to the secondary IP range.
In a fully managed gateway this would be easy to resolve by adding the secondary IP range into the remote access VPN encryption domain but I do not see that functionality in the locally managed SMB device. Does any one know of a work around for this or is the only answer to go to a fully managed SMB device.
Regards
Nigel
have you tried manually defining the encryption domain?
Remote Access - Advance -> Local Encryption domain is define .. (default is automatic)
there is a similar settings for Site to Site VPNS
It may not help but it is worth a try.
have you tried manually defining the encryption domain?
Remote Access - Advance -> Local Encryption domain is define .. (default is automatic)
there is a similar settings for Site to Site VPNS
It may not help but it is worth a try.
Yup that worked a treat.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY