Create a Post
Showing results for 
Search instead for 
Did you mean: 

Allowing access to a Second NGFW Cluster via VPN


I would like to ask if there's things that I lack in this current setup. 

I have 2 NGFW clusters under 1 Smart-1 appliance, Cluster 1 and Cluster 2 is only connected through the MGMT port which is under X.X.4.0/24

The question is that I have already added my Office IP of 173.X.X.0/24 on Cluster 2's X.X.4.0/24 Internal Domain, also added it to Cluster 2's VPN domain, but I only see the following logs related to the traffic form 173.X.X.0 to Cluster 2:

Screenshot 2023-04-18 111246.png

I would assume that it would pass through a policy I created for this, but it always goes through the implied rule.

Screenshot 2023-04-18 111449.png

Hoping for your help on this one as I'm getting somewhat confused right now.






0 Kudos
1 Reply

Expected behavior if Global Properties for Accept ICMP Requests is set to First, as shown here:


If you want this traffic to go through a configured Access rule, then this property will need to be changed.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events