Hello all, 

I am actually completely new to Checkpoint. I have done same thing on different vendors but first time tried to make on CP but failed. Unfortunately I cannot find enough resources for solving my problem that is why I write here.

We are building new branch office and installing gateway there. I want all traffic to be router to central office through VPN because for AWS resources I need to have Public IP connection from Central office. The problem is SP cannot install fiber optics in time and now we are using 4G router in front CP for couple weeks. So the connection is as below:

LAN-CP(15000S)-192.168.1.0/24-4G-Reserved Public IP.

Central Office side is completely okay and have already a lot VPN tunnel configured previous to me.

I am doing All TCP_UDP ports forwarded from 4G router to checkpoint external Private IP which is static.

What I need to enable beside basic Domain Based VPN configuration on Checkpoint Firewalls? Any help is appreciated.

How Can I enable NAT-T on both gateways for this connection?

What is "Hide this gateway behind another gateway" on Advanced->NAT section? Do i need to enable it?

Is putting Public IP of 4G router in Link selection enough?