Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
sanoj
Explorer

VPN link selection use 3main address

Hi,

we have 3ISP topology as external. One ISP link we have configure for vpn site to site.Already running 8 vpn tunnels. 

link selection we have manually selected that particular ISP from interface ip link.  

we have need to create new vpn with tunnel using another external ISP connection. We are not enabled isp redundancy. If we selected new interface in link selection existing vpns will down. 

Can anyone advice what will happen if we select vpn link selection Main Address? Any issues if configured 2ISP with these method? 

thank you!

 

 

0 Kudos
5 Replies
PhoneBoy
Admin
Admin

Main Address will always use the object IP for the VPN.
If you want the IP to change based on ISP used, ISP Redundancy must be enabled.

garrod
Contributor

Hi PhoneBoy,

 

I remember got one scenario with some issues, where setup as 

<Multiple Router> - <Link Controller/Load Balancer> -Transit Link / Internal IP- <Check Point Gateway>

Where Check Point will only have one Link Selection option for NATed Public IP Address selection, if have multiple Public IP Address, we got any options to include multiple Public IP Address?

0 Kudos
PhoneBoy
Admin
Admin

Unfortunately, you can only specify one IP in Link Selection currently.
This is something I believe we will address in an upcoming release.

the_rock
Legend
Legend

I think that would be HUGE improvement, if it happens.

0 Kudos
the_rock
Legend
Legend

There is no issue doing it the way you said...Im sure thats how 99% of people do it, BUT, as Phoneboy said, if you want this to change based on ISP itself, then you have to use ISP redundancy. Important note, keep in mind that even IF you use ISPR, thats no guarantee if there is a failover, vpn tunnels will work, as other ends would need to know about the new external IP on CP side, so thats also something to keep in mind.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events