Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Nandhakumar_N
Participant

S2S VPN between Check Point gateways with 2 ISP links in Remote side

We want to setup a Site-to-Site VPN between two Check Point security gateways, where both are managed by the same management server and configured in a cluster and remote site have 2 Internet link.

0 Kudos
3 Replies
AkosBakos
Advisor
Advisor

Hi @Nandhakumar_N 

You mentioned that, you have 2 ISP-s at the moment. How the redundancy configured between the two ISP-s? What settings do you use?

Akos

----------------
\m/_(>_<)_\m/
0 Kudos
Nandhakumar_N
Participant

Hi @AkosBakos 

ISP configured in primary/backup. Center gateway having single Internet link and remote branch office gateway have dual Internet link. We want if remote site primary link went down then tunnel should get auto shift to backup link. So, do we need to configure policy base vpn or route base vpn?

0 Kudos
AkosBakos
Advisor
Advisor

Hi @Nandhakumar_N 

On the center side, nothing special, tha GW has one external IP. Branch office can be tricky. The two ISP provide the same IP, or they have different IP? In S2S VPN config, the Peer GW has one IP only -> this could be an issue.

From my point of view, to avoid of a lot of inconvience, try to use an active device which is responsible for to handle the two ISP link. But this won't solve the different IP problem.

Akos

----------------
\m/_(>_<)_\m/
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events