smilesonisamal
Explorer

IPSEC VPN Between AWS

Hi,

I want to create an IPSEC tunnel between an on-premise Checkpoint VPN device (R80.x) and an AWS VPC. Is there any AMI which I can use?

Once established, can I access an RDS endpoint in the private subnet of the AWS VPC (appdb.xxx.xxx.dns.com, port 3306) from the on-premise Checkpoint VPN device? If it's possible, can someone help with any documentation/links to try out this option?

Looks like there are some challenges while accessing the DNS. Can anybody help in this regard?

https://www.fir3net.com/Firewalls/Check-Point/allowing-domain-dns-based-objects-through-a-checkpoint...

 

Regards

PP

 

0 Kudos
1 Reply
PhoneBoy
Admin

Technically you don’t even need an AMI to terminate a VPN in AWS.
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

If you do want to terminate the VPN with a Check Point gateway in your VPC, you can do that as well by using any of the standard gateway AMIs.

Not exactly sure about the DNS part of it but I assume you can configure your on-premise DNS server to forward requests for the relevant domain over the VPN tunnel to the internal AWS DNS server (assuming the name can’t be externally resolved).