- Products
- Learn
- Local User Groups
- Partners
- More
Stop Babysitting Rules.
Go Agentic
Step Into the Future of
AI-Powered Cyber Security
The State of Ransomware Q1 2026
Key Trends and Their Impact
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
Route-based VPNs and encryption-domain-based VPNs can absolutely coexist. Use the normal group for your encryption domain and the empty group for the peer's.
That said, the type of VPN is only locally significant. The Cisco end can move to a route-based VPN and you can keep your end encryption-domain-based unless you need the VPN endpoints to talk to each other over the VPN (e.g, if you want to run dynamic routing over the VPN, that will require a numbered VTI). Otherwise, the other end of a tunnel doesn't know if you're using a VTI or not. You could just set your community to negotiate a gateway-to-gateway tunnel.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
