Kjohnt006
Participant

Can we have different encryption domains in a STAR S2S VPN topology?

Hi Team,

 

We have multiple tunnels on a Check Point 15000 firewall configured in a STAR topology, as shown in the attached snap "VPN Topology".

For all the tunnels we have one encryption domain configured on the Center Gateway. This group covers almost all the subnets. Basically, it is a wider group that contains lots of subnets (many more subnets, including the exact encryption domain IPs).

We are facing an issue on one of the tunnels, and we want to replace the wider group with specific subnets at our end in the center gateway encryption domain.

Can we do it? Will it impact other tunnels?

Please find the attached pics.

4 Replies
Lesley
Leader

On the VPN community itself you can configure a custom local and remote encryption domain. It works the same as the global encryption domain under the gateway object. The only difference is that the change will only take effect on the community itself and not on a global level.

the_rock
Legend

Screenshot_1.png

There you can set whatever group/subnet you desire and, if needed, just create a new one and assign it, install policy, and that's it.

Andy

Kjohnt006
Participant

Hi Andy, thank you for the input. Just a query: if I change it only for one community, won't it impact other communities?

the_rock
Legend

That's right, it never impacts any other communities. That's a beautiful thing since R80 that you can do this, as it was not possible via SmartConsole back in R77 and before.

Andy
