Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Moudar
Advisor

Domain VPN and route VPN

Hi

In S2S admin guide it says:

route-vs-domain.JPG

If I have several groups within my VPN domain used by different communities, all utilizing domain-based VPN, what will happen to those communities if I create a new community for route-based VPN and add an empty group to the VPN domain?

 

What does the yellow marked text mean?

route-vs-domain1.JPG

0 Kudos
3 Replies
796570686578
Collaborator

In the Gateway Settings you can define an Encryption Domain that will be used by every community per default. So whenever you create a new community, this encryption domain will be used.

But since recently(like like 2 years ago or so I think?) you can define alternative encryption domains for every community in Smart Console. And this is also what you need to do for Route-Based Tunnels. So you don't change the Encryption Domain in the Gateway Object directly(this would override the encryption domain of EVERY tunnel, which you don't want) but rather in the community settings like you showed by clicking on that "pencil icon". Then you can choose to use the "default" encryption domain or a custom one only specific to this tunnel.

 

What does the yellow marked text mean?

It just means that for this tunnel, it will use your "custom" domain and not the default encryption domain according to the gateway settings. You don't have to worry about your other tunnels 🙂

 

 

0 Kudos
Moudar
Advisor

I am getting "VPN failed to resolve Gateway IP address" and it is a SMB gateway with dynamic IP

I have configured VTI on both sides, bot when trying to ping I get this: "VPN failed to resolve Gateway IP address"

0 Kudos
PhoneBoy
Admin
Admin

How are the Link Selection settings set in the relevant gateway objects?
Is this related to IPv6?
See: https://support.checkpoint.com/results/sk/sk132332

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events