Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
marcinw
Participant

Dynamic IP address and VPN site to site

Hi,

 

I am trying to force 1490 to create VPN tunnel with MGMT server with Dynamic IP , I have no problem with establishing VPN connection on SMB with static IP address.  I am doing everything according to document 

 

https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Check-Point-SmartCloud-Admin-...

section : How to Connect a SMB Security Gateway with a Dynamic IP

when I am trying to establish connection from MGMT I see "Trust established" (however I dont see this on SMB security dashboard), when I am trying push policy to GW-4 (this gateway ) I see "...a dynamic object should be used instead" please check attachment.

What Am I doing wrong ? thank you

 

0 Kudos
4 Replies
_Val_
Admin
Admin

The document you are quoting is about SmartCloud management. Are you using on prem, or SmartCloud?

Concerning the error, show rule 5 specifically, and your DIAP GW object.

0 Kudos
marcinw
Participant

I don't use smartcloud it's a simple LAB edge firewall/ mgmt server in VMware, and a few of 1550, 1430 .

The rule no5 refers to access of MGMT srv to VPN GW , GW-4 is a member of VPN_Gateways group 

 

rule5.png

0 Kudos
_Val_
Admin
Admin

Use a proper guide then.

Make use your GW4 is defined as "DIAP GW" and not a regular one.

0 Kudos
marcinw
Participant

DO I have to use certificates (create any) to create this VPN tunnel betwen static IP edge and dynamic IP smb gateway?  or it happens in the same way like with static IP ?

0 Kudos