Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
TAEKBOM_Kim
Contributor
Jump to solution

IPsec VPN between fortigate(v5.6) and CheckPoint(R80.10)

Hi all,

I will configure site to site IPsec between VPN fortigate(v5.6) and CheckPoint(R80.10).
I wonder Is it possible?

No.1
=> Has anyone configured IPsec VPN between fortigate and CheckPoint(R80.10)?
  :


No.2
=> Can I get some resources? How to configure IPsec VPN between fortigate and CheckPoint(R80.10).

  :


Thank you!!

1 Solution

Accepted Solutions
Nüüül
Advisor
0 Kudos
3 Replies
Nüüül
Advisor

Hi,

should work for the most cases...

more:

How to set up a Site-to-Site VPN with a 3rd-party remote gateway 

Daniel

0 Kudos
Timothy_Hall
Legend Legend
Legend

Fortinet boxes are quite picky about what Proxy-IDs/subnets they will accept in an IKE Phase 2 proposal sent by a Check Point.  You will almost certainly need to make the user.def modifications described in Scenario 1 of sk108600: VPN Site-to-Site with 3rd party.  Juniper and Sonicwall devices are similarly picky.

 

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Vincent_Bacher
Advisor
Advisor

VPN between Checkpoint and FortiGate works fine.

In the past when configuring VPN between Checkpoint and Juniper ScreenOS gateways, i just configured Phase 2 using Proxy-ID local net 0.0.0.0/0.0.0.0 remote net 0.0.0.0/0.0.0.0 on the ScreenOS site and set Tunnel management to "One VPN tunnel per Gateway pair" to let the Checkpoint use the same proxy-ID. This is not the best choice but it was the easiest and it worked. Same on FortiGate gateways.

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events