Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Shared public IP for IPSEC Site to Site and Client to Site VPN

Hi All, 

We are trying to create azure routebased VPN and trying to use the same firewall which is used for client to site VPN. 

can same PUBLIC IP be shared as end point url for clients and Peer IP for IPSEC VPN to AWS. 

This firewall is less used as CP client service is still not in production so would like to perform POC then replicate to main DC firewall. 

i should be able to provide more details if require. below are the details - 

 

Firewall - CP 4600 R80.20

Cluster - no

Management server - Yes R80.20

 

Regards

Anshul Pandey

 

@PhoneBoy 

Tags (1)
0 Kudos
3 Replies
Highlighted
Admin
Admin

No need to tag me in new posts, as I generally see them 🙂

Short answer: yes, in fact that's how it normally works.

0 Kudos
Highlighted

Hi , 

Thanks for the quick reply. in Azure routebased VPN we have a pre-requisite of Empty Group under VPN Domain. 

current settings for office mode Client VPN is s snippet below . If I am creating a manually defined empty group - how both will behave then ? would it work still ?

Anything else what you cn think of I should be taking care of ?

Checkpoint VPN Domain.PNG

0 Kudos
Highlighted
Admin
Admin

You can (and probably should) define a different encryption domain for Remote Access (yes, they can have different ones).
0 Kudos