Create a Post
Showing results for 
Search instead for 
Did you mean: 

IPsec VPN between fortigate(v5.6) and CheckPoint(R80.10)

Jump to solution

Hi all,

I will configure site to site IPsec between VPN fortigate(v5.6) and CheckPoint(R80.10).
I wonder Is it possible?

=> Has anyone configured IPsec VPN between fortigate and CheckPoint(R80.10)?

=> Can I get some resources? How to configure IPsec VPN between fortigate and CheckPoint(R80.10).


Thank you!!

1 Solution

Accepted Solutions
0 Kudos
3 Replies
0 Kudos

Fortinet boxes are quite picky about what Proxy-IDs/subnets they will accept in an IKE Phase 2 proposal sent by a Check Point.  You will almost certainly need to make the user.def modifications described in Scenario 1 of sk108600: VPN Site-to-Site with 3rd party.  Juniper and Sonicwall devices are similarly picky.


Second Edition of my "Max Power" Firewall Book
Now Available at

Gaia 3.10 Immersion Self-paced Video Series
now available at
0 Kudos

VPN between Checkpoint and FortiGate works fine.

In the past when configuring VPN between Checkpoint and Juniper ScreenOS gateways, i just configured Phase 2 using Proxy-ID local net remote net on the ScreenOS site and set Tunnel management to "One VPN tunnel per Gateway pair" to let the Checkpoint use the same proxy-ID. This is not the best choice but it was the easiest and it worked. Same on FortiGate gateways.

and now to something completely different