Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Silver

Using Check Point for CGNAT functions

Dear Check Mates

Our curent CGNAT platform is no longer feasible for our needs and we intend to migrate another platform, as such Check Point is also part of our plan.

Currently, we are aware that our appliance supports Hide CGNAT feature (see picture bellow). But we would like to know if Check Point supports the features mentioned bellow, or if it has a different name in Check Point world.

  • ALG (Aplication Level Gateway)
  • EIM (Endpoint Independent Mapping)
  • EIF (Endpoint Independent Filtering)
  • Hair pinning

Kind regards

Di Junior

0 Kudos
4 Replies
Highlighted
Sapphire

0 Kudos
Highlighted
Silver

Thank you

0 Kudos
Highlighted
Silver

Vladimir Yakovlev any inputs with regards to this topic.

Thanks

0 Kudos
Highlighted
Pearl

According to Upgrade to R80.10 is blocked due to Pre-Upgrade Verification , CGNAT and NAT64 are supported in R80.20M1 and, I would venture a guess, in R80.20, but you would want to get an independent confirmation.

I recall that the Hairpin NAT was supported as well. Here are some references to that:

Checkpoint Firewall NG hairpin NAT | GTKC Knowledgebase 

EIM would probably equates to https://community.checkpoint.com/thread/8364-httpmapped-usage referenced in the discussion at the link.

 ALG, I think, is more of the F5 province, but perhaps someone else could give you a better idea.

Try running these questions by your CP sales rep. He has the resources (and incentive), to get the right answers from the right places:)