Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Stelios_Andreou
Participant

SSL Webapp

Dear mates

 

I create one webapp on ssl vpn. The thing is that I use the SSL VPN to connect on internal local but the host is on Azure that I have another site to site VPN with the internal net.

 

It seems that I can not access the webapp this way.

Can you assist me?

 

Thank you.

0 Kudos
5 Replies
PhoneBoy
Admin
Admin

So you're trying to access a web application from your gateway that is only available from a site-to-site VPN?
What are you connecting to at the other end of the VPN?
Is it configured to allow traffic from the gateway itself as a source (i.e. as part of the Encryption Domain or equivalent)?

0 Kudos
Stelios_Andreou
Participant

Hi PhoneBoy, Thank you for the reply.

Yes, I'm trying to access through SSL vpn a host on azure that is connecting from a site-to-site.

It's machine that hosting a website.

Please note that with ipsec vpn, i can access the website.

0 Kudos
PhoneBoy
Admin
Admin

What is hosting the IPSec VPN at the Azure end?
And is it configured to allow encrypted traffic that originates from the gateway's external IP?

0 Kudos
Stelios_Andreou
Participant

Yes, the VPN is hosting by the checkpoint appliance and the Azure virtual gateway object. Also i notice that when I'm trying to access the web from SSL VPN. I'm not getting any logs on my checpoint gw

0 Kudos
PhoneBoy
Admin
Admin

The connection is probably being allowed from the gateway itself via an implied rule.
However, the remote end must be explicitly configured to allow a connection from the gateway's external IP.
I don't remember what they refer to it as on the Azure side, but it would be equivalent to the Encryption Domain on the Check Point side.
Although this would not be required on the Check Point side since the gateway IPs are always included in the Encryption Domain without explicitly being configured.