I would like to ask you how to resolve the problem below.
At the moment we use 6 Check Point gateways for our VPN Remote Access system.
Each gateway has a dedicated Office Mode pool:
gw05 Office Mode Pool 10.76.0.0/19
gw01 Office Mode Pool 10.76.32.0/19
gw03 Office Mode Pool 10.76.64.0/19
gw06 Office Mode Pool 10.76.128.0/19
gw02 Office Mode Pool 10.76.160.0/19
gw04 Office Mode Pool 10.76.192.0/19
Although each pool has 8190 IP addresses, it is not enough for us. We need to double each pool.
Of course we can change the subnet mask to /18, but we don’t want to do it. Instead, we are looking for a solution where we will use two pools (each of them with a /19 subnet mask). When the first pool is full, an IP address should be assigned from the second pool.
It should look like this:
gw05 Office Mode Pool 10.76.0.0/19 and 10.77.0.0/19
gw01 Office Mode Pool 10.76.32.0/19 and 10.77.32.0/19
gw03 Office Mode Pool 10.76.64.0/19 and 10.77.64.0/19
gw06 Office Mode Pool 10.76.128.0/19 and 10.77.128.0/19
gw02 Office Mode Pool 10.76.160.0/19 and 10.77.160.0/19
gw04 Office Mode Pool 10.76.192.0/19 and 10.77.192.0/19
At the moment we use the “Manual method” for Office Mode.
In this method it is possible to indicate only one pool / network, so we decided to use the ipassignment.conf file with content like this:
Because this is a new configuration for us, we decided to test it in our lab.
Of course we were not able to conduct the test at the same scale as in the production environment, so the ipassignment.conf file in our lab looked like below.
The test was that 3 clients tried to connect to the VPN, and the results were as below:
Client-1 got address 10.76.0.4
Client-2 got address 10.76.0.5
Client-3 didn’t get an address (screen below)
So my questions are:
- could you confirm whether there is any method to use two pools (on one gateway) in Office Mode
- if the answer to the above question is “YES”, how should it be done
The software we used during the tests is:
Check Point R80.40 take 294 (HFA take 139)
Endpoint Security E85.40
Thanks in advance