Re: Internet access to different subnets

Narrah_Munthali · ‎2018-07-16

Hello Mates. I have configured different subnets on my checkpoint as per business requirement. these subnets are per function and we have 11 subnets. the problem is only nine subnets are working on the checkpoint even if I do the exact configuration on all subnets. Is there a limitation on subnets that can work on a checkpoint configuration?

PhoneBoy · ‎2018-07-16

We're going to need a lot more information.

At a minimum:

What does the rulebase look like to permit access?
Sample log entries from "working" and "not working" access?

Based on that, we should be able to provide guidance.

Maarten_Sjouw · ‎2018-07-16

Some more questions:

How do these networks connect to the Firewall?
How did you define outbound NAT, all traffic behind GW or Hide NAT to an IP per subnet?
How is routing setup for the 11 subnets?

We have customers with thousands of subnets connecting through a Check Point firewall so this number is not an issue.

Regards, Maarten

Narrah_Munthali · ‎2018-07-19

1. There are two routers with /16 subnet. A microtik router receives all the traffic from the subnets and forwards them to the checkpoint.

2. All subnets are hide Nat and its per subnet

3. Each subnet has a route pointing to the interface on the checkpoint that provides the internet. I will be uploading the network diagram shorlty

Are you a member of CheckMates?

Internet access to different subnets