A customer specifically asks me to set up a Layer 2 VPN between a Check Point in the main site and a Fortinet in a remote site, so the same VLANs can be used on both sides (stretched over the VPN, incl. broadcast domain and all).
I know this is probably not a desirable setup but the customer wants to know what the possibilities are.
I know of setups between two Fortinets that do this (VXLAN over IPSEC) but I haven't seen setups with Check Point yet (neither between 2 Check Point devices nor between 1 Check Point & 1 Third Party).
What are opinions on this matter? Any experience regarding this kind of setup?
Yours,
Willem
Check Point can't terminate VXLAN traffic.
That means, on the Check Point side, you would have to terminate it on a switch or similar inside the network.
I believe VXLAN traffic is just regular UDP traffic on a specific port.
From there, it's just a standard VPN configuration, which should work.
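What the reply above describes, as an added example that is not part of the original thread: a VXLAN endpoint wraps the whole Layer 2 frame in an 8-byte header (layout per RFC 7348) and sends it as an ordinary UDP payload to port 4789, so a gateway in the path only sees unicast UDP between the two endpoints. The VNI and the sample frame are constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789   # IANA-assigned destination port for VXLAN (RFC 7348)
VXLAN_FLAG_VNI = 0x08   # "I" flag: the VNI field is valid

# Constructed sample: broadcast Ethernet frame (ARP ethertype, dummy payload).
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff")      # destination MAC: broadcast
                + bytes.fromhex("020000000001")    # source MAC (locally administered)
                + bytes.fromhex("0806")            # ethertype: ARP
                + b"\x00" * 28)                    # placeholder ARP body

def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """Return the UDP payload a VXLAN endpoint sends: header + full L2 frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # flags (1 byte), reserved (3), VNI (3), reserved (1)
    header = struct.pack("!B3s3sB", VXLAN_FLAG_VNI, b"\x00" * 3,
                         vni.to_bytes(3, "big"), 0)
    return header + inner_frame

def vxlan_decap(udp_payload: bytes):
    """Validate the VXLAN header and return (vni, inner Ethernet frame)."""
    if len(udp_payload) < 8:
        raise ValueError("payload shorter than the VXLAN header")
    if not udp_payload[0] & VXLAN_FLAG_VNI:
        raise ValueError("VNI flag not set")
    return int.from_bytes(udp_payload[4:7], "big"), udp_payload[8:]

def inner_summary(frame: bytes) -> dict:
    """Fields of the tunnelled frame that are hidden inside the UDP payload."""
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    return {"dst": mac(frame[0:6]), "src": mac(frame[6:12]),
            "ethertype": hex(int.from_bytes(frame[12:14], "big"))}

if __name__ == "__main__":
    payload = vxlan_encap(100, SAMPLE_FRAME)
    print(f"outer view: UDP dst port {VXLAN_UDP_PORT}, {len(payload)} byte payload")
    vni, frame = vxlan_decap(payload)
    print(f"inner view: VNI {vni}, {inner_summary(frame)}")
```

The broadcast frame, including its VLAN-level addressing, travels inside the UDP payload, which is why the device terminating VXLAN, not the VPN gateway, decides what Layer 2 traffic crosses between sites.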
Hello, VXLAN is an overlay protocol; currently that technology is not supported on Check Point.
I have used a VXLAN implementation on VMware NSX. You probably can integrate an Open switch on your network to create that L2VPN.
Connecting two Open vSwitches to create a L2 connection between sites « Remi Bergsma's blog