Layer 2 VPN between Check Point & Third Party
A customer specifically asks me to set up a Layer 2 VPN between a Check Point in the main site and a Fortinet in a remote site, so the same VLANs can be used on both sides (stretched over the VPN, incl. broadcast domain and all).
I know this is probably not a desirable setup but the customer wants to know what the possibilities are.
I know of setups between two Fortinets that do this (VXLAN over IPsec) but I haven't seen setups with Check Point yet (neither between 2 Check Point devices nor between 1 Check Point & 1 Third Party).
What are opinions on this matter? Any experience regarding this kind of setup?
Yours,
Willem
Check Point can't terminate VXLAN traffic.
That means, on the Check Point side, you would have to terminate it on a switch or similar inside the network.
I believe VXLAN traffic is just regular UDP traffic on a specific port.
From there, it's just a standard VPN configuration, which should work.
Hello, VXLAN is an overlay protocol; currently that technology is not supported on Check Point.
I have used a VXLAN implementation on VMware NSX. You can probably integrate an Open vSwitch on your network to create that L2VPN.
Connecting two Open vSwitches to create a L2 connection between sites « Remi Bergsma's blog
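As an added illustration of the replies above (not code from any poster or from Check Point): a Python sketch of the VXLAN encapsulation defined in RFC 7348, showing that a frame from a stretched VLAN, broadcasts included, travels as an ordinary UDP payload between the two devices that terminate VXLAN. Port 4789 is the IANA-assigned VXLAN port; the VNI, MAC address and VLAN ID are constructed sample values.

```python
import struct

VXLAN_UDP_PORT = 4789   # IANA-assigned destination port for VXLAN (RFC 7348)
VXLAN_FLAG_I = 0x08     # "I" flag: the VNI field carries a valid value
ETH_P_8021Q = 0x8100    # EtherType of an 802.1Q VLAN tag

def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """UDP payload a tunnel endpoint sends: 8-byte VXLAN header + inner L2 frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI is a 24-bit value")
    # Word 0: flags (8 bits) + reserved (24). Word 1: VNI (24 bits) + reserved (8).
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8) + inner_frame

def vxlan_decap(udp_payload: bytes) -> dict:
    """Parse the VXLAN header and the start of the inner Ethernet frame."""
    if len(udp_payload) < 8 + 14:
        raise ValueError("too short for a VXLAN header plus an Ethernet header")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & VXLAN_FLAG_I:
        raise ValueError("I flag not set, VNI is not valid")
    inner = udp_payload[8:]
    dst_mac = inner[:6]
    (ethertype,) = struct.unpack("!H", inner[12:14])
    vlan = None
    if ethertype == ETH_P_8021Q:          # inner frame still carries its VLAN tag
        if len(inner) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", inner[14:18])
        vlan = tci & 0x0FFF
    return {
        "vni": word1 >> 8,
        "inner_vlan": vlan,
        "inner_ethertype": ethertype,
        "inner_is_broadcast": dst_mac == b"\xff" * 6,
    }

# Constructed sample: an ARP broadcast on VLAN 20, as a host on the stretched
# segment would send it (ARP body zero-filled, MAC address made up).
SAMPLE_FRAME = (
    b"\xff" * 6 + bytes.fromhex("020000000001")   # dst = broadcast, src MAC
    + struct.pack("!HHH", ETH_P_8021Q, 20, 0x0806) # VLAN 20, EtherType ARP
    + bytes(28)
)
SAMPLE_PAYLOAD = vxlan_encap(1020, SAMPLE_FRAME)   # VNI 1020 is a sample value

if __name__ == "__main__":
    print(f"UDP dst port {VXLAN_UDP_PORT}:", vxlan_decap(SAMPLE_PAYLOAD))
```

A gateway that only forwards or encrypts this flow sees the outer UDP/4789 packets between the two tunnel endpoints; the inner VLAN tag and broadcast frame are visible only to a device that decodes the VXLAN header.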