This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
marcinw
Participant
‎2022-01-10 05:03 AM

2 Remote Access communities within the same SMS

Hi

 

Is it possible having 2 remote access communities for 2 different firewalls (that are already in the same Meshed VPN community as well) with the same list of users on the same SMS ? Even if possible , should I expect any possible issues ?

thanks

 

0 Kudos
8 Replies
the_rock
Champion
Champion
‎2022-01-10 06:17 AM

I do not believe that was ever possible...MAYBE at some point in R80.20 (I THINK), but it got removed right away. I am 99.99% sure you can have only 1 RA community.

Chris_Atkinson
Employee
Employee
‎2022-01-10 06:30 AM
In response to the_rock

It was a bug in the GUI at the time, see the previous discussion about this here:

https://community.checkpoint.com/t5/Remote-Access-VPN/Multiple-Remote-Access-Communities-GW-Version/...

0 Kudos
the_rock
Champion
Champion
‎2022-01-10 06:31 AM
In response to Chris_Atkinson

Yes, thats the one I was looking for : - )

marcinw
Participant
‎2022-01-10 06:32 AM
In response to the_rock

ok, thank you , now if I add 2nd gateway to the same Remote Access community and they are  both  in the same VPN community already ? will there be any issues ?

0 Kudos
the_rock
Champion
Champion
‎2022-01-10 06:34 AM
In response to marcinw

I dont think it would be an issue, I see people doing it all the time...are you attempting to do MEP?

marcinw
Participant
‎2022-01-10 06:53 AM
In response to the_rock

no MEP, just second location with RA for the same group of users

0 Kudos
the_rock
Champion
Champion
‎2022-01-10 07:04 AM
In response to marcinw

I seen lots of customers use multiple gateways in RA community.

RS_Daniel
Advisor
‎2022-01-10 11:34 AM
In response to marcinw

Hello,

You need to put more details about what your requierements to get an accurate answer. I unserstand you want to manage these two gateways completely independent. In this case you need to disable secondary connect  and mep on both gateways, in this way you will be able to have as many gateways as you want on the community and will be able to configure encryption domains independently.

Solved: Disabling MEP - Check Point CheckMates

Remote Access Clients for Windows 32/64-bit E80.72 and Higher Administration Guide (checkpoint.com)

On remote access clients guide look for secondary connect configuration section, and change client decide and default options to False.

Regards