Create a Post
Showing results for 
Search instead for 
Did you mean: 
Jump to solution

Site to Site VPN (policy based) and routing behavior

Hi!, I would like to clarify with you if the routing has precedence when we have site to site VPN tunnels created. For example, in Cisco routers/ASA, you create a crypto map with an encryption domain, so if traffic goes out to the interface which has the crypto map attached, the traffic is encypted (if the traffic matchs the encryption domain of course). But if the traffic does not go out to the interface with the crypto map due to routing, the traffic is not encrypted and is routed through a different interface.

Have we the same behavior in Checkpoint, right? Or it works in a different way? I sopose that it works in a similar way and when the tunnel is establish from the WAN interface, only the traffic which goes out through this WAN interface is the one which is encrypted, right? Thanks!

0 Kudos
9 Replies
This widget could not be displayed.