This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
PIAndre
Explorer
‎2019-04-10 01:04 PM
Jump to solution

Nat rule over tunnel/community

Hi.  Im trying to redirect traffic going out a gateway.  I want to change the traffic flow from:

host_a (port 443) -> checkpoint_gateway -> internet -> public ip on host_b

to:

host_a (port 443) -> checkpoint_gateway -> nat from public ip on host_b to private ip on host_b -> s2s ipsec tunnel -> private ip on host_b

The tunnel works fine for normal traffic flow over the tunnel and all the security domains are defined properly.  There are rules in the policy that the traffic should hit to go over the tunnel.  When I try to create a nat rule to change the public ip to the private ip of host_b the traffic is allowed and I see the translation but It doesnt get encrypted.  Its also skipping my tunnel rule and hitting my default outbound rule at the bottom.  What am I missing in my nat rule to get this traffic flow working?

 

 

 

0 Kudos
5 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events