- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
Hi,
A customer had a cluster only with private range addres.
On this cluster it had configured vpn remote acces making Nat on isp provider.
Recently they need to move Nat from isp to this cluster....but client cannot reach.
Is it possible to make than this cluster make also this kind of Nat ( public interface is not configure on this cluster but isp provider route one public ip address for.thqt purpose)?
If the ISP routes a public IP to a cluster, the cluster needs a WAN interface with that public IP that also should be part of the Remote Access community.
i understand. maybe creating an cluster interface with this public ip address like vip.....and configuring rules and vpn link selecction could it be.
Otherwise, the cluster will not feel responsible for this public IP...
I just create a dummy cluster interface with this public ip address like via pf this dummy....it is a internal interface..it means than the traffic must in for current transport interface between isp provider and this cluster.
Vpn client connect but...after a few minutes it disconnect
Afaik this can not work with an internal interface. Look into GW and RA client logs to see the reason the connection is lost!
sorry, the topology interface config like an external....i want to say that this interface is behind firewall in flow....
Should be the external/WAN VIP interface of the cluster according to Remote Access Admin Guide. I would suggest to contact TAC as there may be a special config making this possible.
i'll do. Thanks
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY