Site to Site VPN (policy based) and routing behavior

May the 4th (+4)
Roadmap Session and Use Cases for
Cloud Security, SASE, and Email Security

SASE Masters:
Deploying Harmony SASE for a 6,000-Strong Workforce
in a Single Weekend

Paradigm Shifts: Adventures Unleashed!
Capture Your Adventure for a Chance to WIN!

Join the Photo Contest!

Mastering Compliance
Unveiling the power of Compliance Blade

WATCH NOW

CPX 2024 Content
is Here!

Get What You Need

Harmony SaaS
The most advanced prevention
for SaaS-based threats

LEARN MORE

CheckMates Go:
CPX 2024 Recap

LISTEN NOW

Create a Post

Hi!, I would like to clarify with you if the routing has precedence when we have site to site VPN tunnels created. For example, in Cisco routers/ASA, you create a crypto map with an encryption domain, so if traffic goes out to the interface which has the crypto map attached, the traffic is encypted (if the traffic matchs the encryption domain of course). But if the traffic does not go out to the interface with the crypto map due to routing, the traffic is not encrypted and is routed through a different interface.

Have we the same behavior in Checkpoint, right? Or it works in a different way? I sopose that it works in a similar way and when the tunnel is establish from the WAN interface, only the traffic which goes out through this WAN interface is the one which is encrypted, right? Thanks!