This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
Narrah_Munthali
Participant
‎2018-07-16 03:05 AM

Internet access to different subnets

Hello Mates. I have configured different subnets on my checkpoint as per business requirement. these subnets are per function and we have 11 subnets. the problem is only nine subnets are working on the checkpoint even if I do the exact configuration on all subnets. Is there a limitation on subnets that can work on a checkpoint configuration? 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2018-07-16 07:03 AM

We're going to need a lot more information.

At a minimum:

  1. What does the rulebase look like to permit access?
  2. Sample log entries from "working" and "not working" access?

Based on that, we should be able to provide guidance.

0 Kudos
Maarten_Sjouw
Champion
Champion
‎2018-07-16 11:28 AM

Some more questions:

  1. How do these networks connect to the Firewall?
  2. How did you define outbound NAT, all traffic behind GW or Hide NAT to an IP per subnet?
  3. How is routing setup for the 11 subnets?

We have customers with thousands of subnets connecting through a Check Point firewall so this number is not an issue.

Regards, Maarten
0 Kudos
Narrah_Munthali
Participant
‎2018-07-19 01:03 AM
In response to Maarten_Sjouw

1. There are two routers with /16 subnet. A microtik router receives all the traffic from the subnets and forwards them to the checkpoint. 

2. All subnets are hide Nat and its per subnet

3. Each subnet has a route pointing to the interface on the checkpoint that provides the internet. I will be uploading the network diagram shorlty 

0 Kudos
Labels