Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Ivory

Checkpoint 5200 VPN - connect to subnetwork of the network

Jump to solution

5200 is the FW of network A

network B connects with network A and browses internet via network A

Workstations at local network A add a route to assess network B

Now a remote workstation uses secure remote to connect with network A

No problem at all but how can the remote workstation connect with network B

simply add a route at the remote workstation is not worked

route to network B has been added at FW5200

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Admin
Admin
I assume you mean the SecuRemote VPN client in this case.
Does your Encryption Domain on the gateway include Network B?
If it does not, this won't work.
This VPN domain is defined in the relevant gateway object in SmartConsole under Network Management > VPN Domain.
If you're using the "All IP Addresses behind Gateway Based on Topology Information" option, then the Topology settings for your internal interface must be set to an option that includes Network A and B.
Policy must be reinstalled for these changes to take effect.

View solution in original post

0 Kudos
4 Replies
Highlighted
Admin
Admin
How is the remote workstation connected in this case?
Is there a route from network B back to the remote workstation's IP?
A diagram would really help.
0 Kudos
Highlighted
Ivory

remote workstation can connect with network A by VPN secure remote
network B can access network A and internet

remote workstation failed to assess network B by adding a route as all workstations in network A adds

No routing is added in network B as its gateway is defaulted

 

簡報1.jpg

0 Kudos
Highlighted
Admin
Admin
I assume you mean the SecuRemote VPN client in this case.
Does your Encryption Domain on the gateway include Network B?
If it does not, this won't work.
This VPN domain is defined in the relevant gateway object in SmartConsole under Network Management > VPN Domain.
If you're using the "All IP Addresses behind Gateway Based on Topology Information" option, then the Topology settings for your internal interface must be set to an option that includes Network A and B.
Policy must be reinstalled for these changes to take effect.

View solution in original post

0 Kudos
Highlighted
Ivory

Thanks a lot.

0 Kudos