This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Don_Paterson
MVP Gold
MVP Gold
‎2025-10-17 05:21 AM

I believe that it is true and the documentation is accurate.

The problem is that the Azure External Load Balancer (service) takes in the traffic and distributes it to the SG/s behind the LB.

Problem #2: There is no synchronisation between the SGs since they are not a cluster and only enforce same policy for the traffic that is steered towards them (which is then sticky (as far as possible (scale in events change things..) - there's other threads on that)).

By design there is no S2S VPN support.

Still worth asking though because the cloud is so dynamic and you never know what they've got in the pipeline, or in another solution.

I think this one might need to go direct to the presales team if there is a customer demand/use case.

In the newer version of the CloudGuard Blueprints they always show the VMSS in the backend at the end of the Express Route.

They used to show a cluster there so that we could assume a IPSec VPN but that changed.

Can the solution use a CloudGuard Cluster?

https://www.checkpoint.com/downloads/products/cloudguard-architecture-blueprint-diagrams.pdf

 

View solution in original post

(1)
Who rated this post