This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Teddy_Brewski
Contributor
‎2022-02-15 01:36 AM

Public IP of VPN gateway in the encryption domain

Jump to solution

Hello,

Remote site: Cisco ASA with a public IP. The requirement is to use this public IP in the encryption domain (they do NAT on their end).

Our site: Check Point R80.40. 

Traffic flow: from remote site.

When I create an interoperable object, can I use the IP address of the object in the encryption domain?  Since I cannot chose interoperable object from VPN Domain > User defined shall I create a host with the same IP and use host object instead?  Or specifying the external interface with IP assigned for the interoperable object and then choosing All IP Addresses behind Gateway is preferred? Or it's the same?

Thank you.

Labels
0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2022-02-16 01:48 PM

Jump to solution

I believe the gateway IP is implicitly included in the encryption domain.
It shouldn’t be necessary to include it.

View solution in original post

2 Replies
PhoneBoy
Admin
Admin
‎2022-02-16 01:48 PM

Jump to solution

I believe the gateway IP is implicitly included in the encryption domain.
It shouldn’t be necessary to include it.

the_rock
Champion
Champion
‎2022-02-16 03:13 PM

Jump to solution

Phoneboy is right, its automatically included, for sure.