Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Gomboragchaa
Advisor

Dynamic Multipoint VPN

Does Checkpoint has any DMVPN solution? We need DMVPN solution. As far as I know, CP VPN solution is different from other vendors.

Topology

Spoke A and Spoke B hasn't direct VPN connection.
Spoke A and Spoke B gateways are both connected IPSec VPN with HUB site.

Requirment:

Spoke A must to connect Hub and Spoke B network


If all gateways are Checkpoint, Is it possible?
If Spoke A gateway has Fortigate, Is it possible?

0 Kudos
5 Replies
Vladimir
Champion
Champion

If all gateways are Check Point, you can use Meshed Community:

Site to Site VPN R80.10 Administration Guide 

If one of the gateways is a 3rd party device, you theoretically, can configure a route based VPN and use routing protocols on top of those, but it is a bit unwieldy:

 

Gomboragchaa
Advisor

Thank you for response.

But in this case, We cannot create direct VPN between Spoke A and Spoke B. 

I haven't any experience on Route Based VPN.

Route Based VPN possible to provide requirement?

0 Kudos
Petr_Hantak
Advisor
Advisor

You can also use Star community settings with updated VPN routing.

VPN routing

Gomboragchaa
Advisor

Thank you Petr Hantak‌.

Do you have any clue to if only center gateway is Check Point?

0 Kudos
Petr_Hantak
Advisor
Advisor

Yes, the central gateway must be Check Point managed by you. See also Site to Site VPN R80.10 Administration Guideas Vladimir Yakovlev mentioned. Chapter "Configuring VPN Routing in Domain Based VPN" could explain it more.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events