- CheckMates
- :
- Products
- :
- Quantum
- :
- SMB Gateways (Spark)
- :
- Re: PSK VPN not available for SMBs managed in SMP
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
PSK VPN not available for SMBs managed in SMP
A customer has tried to create a VPN S2S using PSK for a VPN to one of his suppliers who only uses PSK. He found that:
- he is unable to use PSK for VPN community in Plans (not selectable)
- he is unable to use PSK for VPN in SMB WebGUI (option is greyed out)
I find this kind of strange as:
- PSK VPN can be configured and used on locally managed SMBs
- PSK VPN can be configured and used on centrally managed SMBs
- If locally managed SMBs have PSK VPN configured and running already, PSK VPN tunnel will still work after being connected to SMP Cloud portal
- SMBs connected to SMP Cloud portal can use PSK VPN when using SMBs CLI for configuration
There must have been some decision to disable this option, and TAC suggested to do a RFE for it - but what is the reason ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It could also be a bug.
Did you check with TAC?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes - R&D stated it is not supported, but i wait for the details after asking the same as above...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hmmm could this be the limitations that you describe?
https://support.checkpoint.com/results/sk/sk182234
- Can we configure VPN with a third-party peer without using a certificate in Quantum Spark Management...
Currently, this is not supported.
If you like this post please give a thumbs up(kudo)! 🙂
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I read it the same way.
Doesn't answer the question why, unfortunately.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is the answer:
After an internal discussion with the relevant teams, I was informed that implementing this feature requires complex development.
Hence, for this development to be on the roadmap, an RFE should be submitted.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That certainly answers the concern, though wish it said why its not supported.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes - but as i wrote above, this is only a GUI limit ! If you define the PSK VPN before activationg cloud services or if you use CLI (Plan Script) for configuration, it does work as expected. And i want to know why we have that double GUI limit on PSK...