The encryption domain for each gateway is defined on the relevant gateway object.
For the pictured gateway:
If an interface has multiple subnets in the topology (because multiple networks behind it), we will summarize into the largest possible subnet.
The behavior depends on the setting of ike_use_largest_possible_subnets and your version as described here: New VPN features in R77.20
You can see all the SAs currently established on your gateway with the CLI command vpn tu.
What's the actual problem you're trying to solve here?
| User | Count |
|---|---|
| 31 | |
| 15 | |
| 13 | |
| 10 | |
| 10 | |
| 7 | |
| 5 | |
| 5 | |
| 4 | |
| 3 |
Tue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopTue 03 Dec 2024 @ 05:00 PM (CET)
Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsWed 04 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 2: Cloud Risk Management WorkshopThu 05 Dec 2024 @ 10:00 AM (CET)
Impactful Intelligence: Introducing Check Point Infinity External Risk Management - EMEATue 03 Dec 2024 @ 05:00 PM (CET)
Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsThu 05 Dec 2024 @ 10:00 AM (CET)
Impactful Intelligence: Introducing Check Point Infinity External Risk Management - EMEAThu 05 Dec 2024 @ 05:00 PM (CET)
Impactful Intelligence: Introducing Check Point Infinity External Risk Management - AMERTue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopWed 04 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 2: Cloud Risk Management Workshop
