Thanks for the feedback so far but none of the provided articles is helpful.
I already configured many times destination NAT on a Check Point but never used the gateway main IP as a destination and do port NAT for this one.
This is a manual static NAT for which I would not need to configure static proxy-ARP since it is the gateway IP itself.
Also since I see the traffic properly arriving on the gateway this part is fine.
The setup is a VSX cluster with a VS0 and VS1 where VS1 is the internet facing gateway, my VS1 cluster object has as main IP the public IP configured which is used in the manual static destination NAT.
Management is running R80.20.M2 and the gateways R80.20 + jumbo #33, please find below the cpinfo -y all:
[Expert@GW01:0]# cpinfo -y all
This is Check Point CPinfo Build 914000182 for GAIA
[IDA]
No hotfixes..
[CPFC]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 33
[MGMT]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 33
[FW1]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 33
FW1 build number:
This is Check Point's software version R80.20 - Build 026
kernel: R80.20 - Build 022
[SecurePlatform]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 33
[CPinfo]
No hotfixes..
[DIAG]
No hotfixes..
[PPACK]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 33
[CVPN]
HOTFIX_R80_20_JUMBO_HF_MAIN Take: 33
[CPUpdates]
BUNDLE_R80_20_JUMBO_HF_MAIN Take: 33
[rtm]
No hotfixes..
Regards,
Pascal