- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
I don't believe MEP configuration is relevant if you work with Route Based VPN.
if you already have two VPN Tunnels, one from each local interface to each remote interface as you described.
assuming you consider each FG IP as different peer/object, try to set static route to the remote network behind FG going via VTI1 with ping on, and then another static route with higher priority (=lower preference) via the other VTI.
once primary tunnel goes down, ping on should remove the primary route and traffic should be redirected via secondary VTI/tunnel.
(of course you can achieve similar effect using dynamic routing.)
Each FG external IP needs to be routed statically via each local interface next hop.
also disable MEP if working with route based VPN.
in R82 you will have the enhanced link selection, which can build tunnel per interface in more elegant manner.
Thanks,
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY