- Products
- Learn
- Local User Groups
- Partners
- More
The State of Ransomware Q1 2026
Key Trends and Their Impact
Good, Better, Best:
Prioritizing Defenses Against Credential Abuse
AI Security Masters E7:
How CPR Broke ChatGPT's Isolation and What It Means for You
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
I don't believe MEP configuration is relevant if you work with Route Based VPN.
if you already have two VPN Tunnels, one from each local interface to each remote interface as you described.
assuming you consider each FG IP as different peer/object, try to set static route to the remote network behind FG going via VTI1 with ping on, and then another static route with higher priority (=lower preference) via the other VTI.
once primary tunnel goes down, ping on should remove the primary route and traffic should be redirected via secondary VTI/tunnel.
(of course you can achieve similar effect using dynamic routing.)
Each FG external IP needs to be routed statically via each local interface next hop.
also disable MEP if working with route based VPN.
in R82 you will have the enhanced link selection, which can build tunnel per interface in more elegant manner.
Thanks,
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
