Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Americo_two
Participant

ISP Redundancy + IPSEC Tunnel with third-party firewall

Hi Everyone,

I found some forums about this subject, but I couldn´t find a solution, we have a gateway with R77.30 version installed, and with ISP Redundancy configured, we want to configure an IPSEC VPN with a third-party firewall.

Today this VPN is working with the main link, but we need to add the second link installed to have a contingency in case of failure of one of the links

 

0 Kudos
4 Replies
the_rock
Legend
Legend

You have to configure isp redundancy on the firewall itself and then apply that to vpn traffic. Are you familiar how to do that? I cant recall the article, but if you look it up, there are instructions on support site.

0 Kudos
Baasanjargal_Ts
Advisor
Advisor

Hello,,

1. You need to enable "Apply settings to VPN traffic" on the ISP redundancy config.

2. Choose "Use Probing. Link redundancy mode" on the IPSEC VPN -> Link selection

look into below guide:

 https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_NextGenSecurityGateway_Guide/Topic...

 

 

 

asher
Contributor

HI

its limited to the following scenario:

1. 2 internet iso lines with isp redundancy

2. another external nic that connect to ipvpn cloud  with managed checkpoint branches, in this case the link selection is gray out 

and if you enable the isp redundancy what will happend with all the link selection configuration that related to the ipvpn nic for connect branches with ipsec? ( sourc ip , outgoing nic ... ) 

0 Kudos
PhoneBoy
Admin
Admin

While this should work with R77.30 as described in this thread, just know it has been End of Support for at least 18 months and you should strongly consider upgrading to a supported release.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events