I actually have a R80.20 cluster with 2 gateways.
All employees are allowed to have a remote access using Checkpoint Mobile.
When they do so, they get a 172.16.10.0/23 address.
First problem :
I wanted to allocate few IP addresses in this range. I did it by modifying the ipassignment.conf file .
In the beginning it was working fine. But, I then realized the IP address was given to another employee who has connected earlier in the day...how is it possible to overwrite the reservation like that ?
Second problem :
I decide to allocate static IP address for the concerned users in another subnet (let's say 10.x.x.x/24), so that I'm not bothered by the first problem.
The problem is, as soon I'm connected by VPN with the new IP address I set, I get disconnected 30 seconds later .
In the logs, I can see that my traffic links with the external interfaces but all the packets get dropped with "Address spoofing" error message. In fact, my traffic isn't listed as "VPN" feature.
How could I fixe one or both problems ?
Thanks in advance,