This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
sklotz
Participant
‎2025-07-09 10:39 AM

MEP VPN Gateway: force specific client to connect to backup gateway

Hi there,
how can I force specific clients to connect to the backup VPN gateway in a MEP Primary/Backup setup?
Or ask the other way round, how is the Checkpoint Mobile Client verifying, if the primary VPN gateway is available.
Can I simply create a FW-rule (or any other similar configuration) to block this "health-check" to "simulate" that the primary VPN gateway is down without affecting all other VPN-clients?
Or is there any detailed documentation available how the dial-in process of the client-VPN is working and which part of the gateway configuration is doing what and in which order?
As of now this is not really transparent for me.
Thank you!

Regards,
Stefan

0 Kudos
1 Reply
_Val_
Admin
Admin
‎2025-07-10 04:56 AM

Have you already read the relevant admin guide chapter? It explains different mechanisms, modes, and gives you enough details to figure out the rest.

Yes, you can use a third-party FW to drop the client packets sent to the primary GW. However, that will not work if you are trying to do that on the VPN GW itself, since the VPN negotiations are covered by implied rules. 

 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events