This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
the_rock
Legend
Legend
11 hours ago

Using same enc domain for remote access on more than one firewall

Hey guys,

Just for my own sanity, though we already confirmed with the customer doing this caused the issue, but they were wondering if doing so, one can make it work? So essentially have SAME remote access enc domain for 2 clusters, one for on prem and one Azure?

I cant really see how that would work, but just wondering if its even possible? if not, could they use same random subnets from large group already used for onprem to test Azure side or in order to use same one, it would need to be done during cutover window?

Tx as always!

Andy

0 Kudos
4 Replies
the_rock
Legend
Legend
4 hours ago

For what is worth, I even had it configured with 2 subnets from current RA group used on prem, but even that caused an issue, so now Im really wondering how this can be tested before the actual cutover.

Andy

0 Kudos
Wolfgang
Authority
Authority
4 hours ago

Hi @the_rock using the same encryption domain on multiple gateways for remote access is possible. Normally this is called and done MEP (MultipleEntryPoint). You have to have an eye for the return packets if used MEP.

I don‘t know if this help for your needs, maybe you have to describe this.

0 Kudos
the_rock
Legend
Legend
3 hours ago
In response to Wolfgang

Hey @Wolfgang 

Thanks for that. I see what you mean, though now we have to pause on this, since we dont want to cause customer more issues, as they heavily rely on remote access. I did end up opening TAC case about it, so lets see what they say 🙂

Andy

0 Kudos
the_rock
Legend
Legend
an hour ago
In response to Wolfgang

@Wolfgang 

I assume this is the link you meant?

Andy

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_RemoteAccessVPN_AdminGuide/Topics-....

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events