Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
lbcadenco10
Contributor
Jump to solution

Policy Based VPN Route Redistribution

Hi all,

 

Is it possible to redistribution routes into OSPF or BGP when using policy based VPNs or is my only option to use route based VPNs? Since there is no static route or next hop when using with policy based VPNs, I'm guessing that routed based is the only way to go, however, my experience with Checkpoint is limited so I wanted additional insight

If route based VPNs is the way to go, all of our VPNs are current policy based. Is there any issues with using policy based VPNs with route based VPNs on the same appliance? 

0 Kudos
1 Solution

Accepted Solutions
JanVC
Collaborator

On your local Check Point add a route for the remote encryption domain with next hop your ISP router

The firewall will never route it to the ISP since the vpn daemon picks it up first and forwards it to the domain based VPN

View solution in original post

2 Replies
PhoneBoy
Admin
Admin
Generally mixing Domain and Route-based VPNS on the same gateway is a bad idea.
JanVC
Collaborator

On your local Check Point add a route for the remote encryption domain with next hop your ISP router

The firewall will never route it to the ISP since the vpn daemon picks it up first and forwards it to the domain based VPN

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events