Create a Post
Showing results for 
Search instead for 
Did you mean: 

Save Backupfile to Unix Server through VPN Connection

Hi Checkmates,

i want to configure on the SecurityGateway (Checkpoint Appliance 3100)  automatic Backup Job.

The Destination is a central Unixserver in the Headquater by SCP connection through VPN Connection configured on this SecurityGateway.


The SecurityGateway have more Interfaces and also one Interfaces to the Internet with static public IP-Address. This public IP-Address is also the MGMT IP of the Security Gateway.


The Destination BackupServer have a private IP-Adress and is only reachable over the VPN-Connection.

If I start the Backupjob the Backup is not successfully.



If I check in the same time on the Backupserver the connections, then I see, the Gateway comes with the public IP and maybe this is the problem.



My Question is, how to configure the Backupjob that the Securitygateway use another source IP (his private IP not the public MGMT IP-Address.


0 Kudos
5 Replies

Don't believe that's possible.
Is the remote end of the VPN under your control?
The public IP of the gateway should be part of the encryption domain.
0 Kudos

Yes, the remote end of the vpn under my Control.
The public IP of the Gateway is not a part of the encryption Domain.
0 Kudos
Legend Legend

The public IP of the Gateway is not a part of the encryption Domain - then how should the VPN work for this traffic ? Why not use the local IP instead ?

CCSE / CCTE / CCME / CCSM Elite / SMB Specialist
0 Kudos

I don't know why… Maybe the Destination ip is the private IP...
hmm… any others an idea?
0 Kudos

OpenSSH has the capability to specify the IP address used when transferring scp/sftp.

Since you have CLI access to the appliance try adding running it manually to see if it will connect when using the BindAddress option.


scp -o BindAddress= /home/admin/filename user@


If that works, then it is possible to add configuration options in /etc/ssh/ssh_config to force the gateway to use the internal interface IP address for SCP for the specific IP destination.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events