Hi,

After some advice on the best config for this scenario. 

I have a single management server managing 2 separate Checkpoint firewalls. I need to setup the following:

1) VPN from one Checkpoint firewall to a 3rd party Fortinet Satellite gateway to allow access to subnet 192.168.1.0/24

2) VPN from the other Checkpoint firewall to the same 3rd party Fortinet Satellite gateway to allow access to subnet 192.168.2.0/24

I've created an interoperable device for the Fortinet gateway and configured it's encryption domain to include both the subnets above. I've then created 2 VPN communities, one for each CheckPoint. The issue is that the Fortinet is not accepting the proposal as it is only expecting a single subnet to be included in each VPN community.

What's the best way to do this? Should I create 2 separate objects for the Fortinet and set different encryption domains for each of them or is there a cleaner solution?

All CP devices running 80.20 build 101

Thanks in advance 🙂