This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Exonix
Advisor
Thursday

Appliance 1900 doesn't recognise local encryption domain

Hello,

we have centally managed Appliance 1900 with RAS VPN configured. The SMB has been added to a cluster consisting of a single node.

I can connect, but in the routing table I see all my networks and interfaces instead of the manually specified encryption domain. Why doesn't the security gateway see the local domain?

 

remote_access1.png

Thank you!

0 Kudos
6 Replies
the_rock
Legend
Legend
Thursday

Did this ever work? Does deleting/re-creating the site do anything?

Andy

0 Kudos
Exonix
Advisor
Thursday
In response to the_rock

This is a new setup, but we have another Appliance, that is not a member of the cluster and not managed centralized - it works there.

The recreation of the site didn't help. The strange thing is, that CLI shows "enc-dom auto" 🤷🏼‍

0 Kudos
the_rock
Legend
Legend
Thursday
In response to Exonix

I dont really work much with SMB appliances, but see in smart console, when you edit the object, is there anything like on regular gaia appliances under network -> vpn domain? If so, you can check to make sure same group is configured for remote access vpn domain.

Andy

0 Kudos
Exonix
Advisor
Thursday
In response to the_rock

VPN Domain is for SiteToSite VPN. This works. I will open a ticket...

0 Kudos
Exonix
Advisor
Friday

I was given this article, but it didn't help and I'm not sure this is my case at all: what is the difference between "all the gateways" and "connected gateway"?

Cause

Endpoint client downloads the encryption domain of all the gateways in the Remote Access community including the gateway's topology.

Currently there is no option to configure the client to download the topology of the connected gateway only.

the_rock
Legend
Legend
Friday
In response to Exonix

Does not sound to me like your case either.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events