This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
BoGa
Explorer
‎2020-08-14 06:20 AM

Routing client VPN traffic into site-to-site VPN tunnel

Hi Mates,

 

Is it possible to route Check Point Endpoint Security VPN client traffic into a site-to-site VPN tunnel?

The remote client connects from the Internet to the CP Gateway with the Endpoint Security VPN client and he should connect to a remote server over a site-to-site VPN tunnel. Both the client VPN and the site-to-site VPN managed and terminated by the same CP gateway. Office Mode is enabled, Hub Mode is disabled.

 

Thank you in advance for your help,

Best regards,

Gabor

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2020-08-14 12:42 PM

You have to add the remote site’s encryption domain into the Remote Access VPN Community.

0 Kudos
BoGa
Explorer
‎2020-08-15 12:54 AM
In response to PhoneBoy

Thank you for your reply PhoneBoy 🙂

Do you mean that the remote site's VPN domain should be added to the relevant Gateway >> Network Management >> VPN Domain >> Manually defined  group?

Is it all that should be done or is there anything else to do?

 

Best regards,

BoGa

0 Kudos
Vladimir
Champion
Champion
‎2020-08-15 06:56 PM
In response to BoGa

I believe there is a separate "Remote Access VPN Domain" that should be used for this.

0 Kudos
BoGa
Explorer
‎2020-08-24 04:45 AM
In response to Vladimir

Hello Vladimir,

Yes, there is a Remote Access VPN Community, which is used for the Remote Access VPN users.

Participating Gateways and Participant User Groups can be added here, but not VPN domains directly. Participating Gateways could be relevant, where an Interoperable Device can be added, which represents the remote peer's gateway with its public IPv4 address and VPN Domain.

It would be the solution - as I understand correctly, right?

Thanks,

BoGa

0 Kudos
Francisco_Sachi
Participant
‎2021-12-09 03:54 PM
In response to BoGa

Hello BoGa, can u resolve this issue? Thanks a lot.

0 Kudos