Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
kamaladmire1
Contributor
Contributor
Jump to solution

Check Point to Azure S2S VPN with Active and Backup ISP

HI All, need help with below, 

Environment R81.10 Check Point Cluster:

Check Point Cluster configured with Primary (BT) and Secondary ISP (VMB)

Currently Active S2S VPN using BT (Primary) to AZURE VPN gateway all working fine...

Another VPN gateway Configured in Azure in the same resource group to share same backend subnet for Backup VPN to Check Point using backup ISP (VMB)

question, after initial configuration tunnel interface policy etc, what extra configuration is required to tell Check Point when internet failover use secondary ISP link to Azure backup VPN?

both VPN are route based VPN with tunnel interfaces.

testing Plan is to failover ISP to backup VMB and perform testing

 

see attached diagram 😛

 

 

 

 

 

 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

The main thing you'll need to do is set up Link Selection to ensure the right source IP is used (assuming the WAN IP on the different ISP links is...different).
See: https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_SitetoSiteVPN_AdminGuide/Top... 

View solution in original post

0 Kudos
(1)
2 Replies
PhoneBoy
Admin
Admin

The main thing you'll need to do is set up Link Selection to ensure the right source IP is used (assuming the WAN IP on the different ISP links is...different).
See: https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_SitetoSiteVPN_AdminGuide/Top... 

0 Kudos
(1)
kamaladmire1
Contributor
Contributor

Thanks I have managed to make it work and yes the link selection is the key 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events