CaseyB
Advisor

It sounds like you just have a mismatch of the hosts/networks being used in the Phase 2 proposal.

  • Which tunnel sharing mode are you using under "Tunnel Management"?
  • Both devices need to match / agree on the hosts/networks being exchanged and they need to use the same /CIDR

I find it helpful to use granular encryption domains for all VPN tunnels, so I know Check Point is using the right /CIDR of a subnet in a tunnel. If you are just exchanging a couple subnets, you would use something like this:

  • Tunnel Sharing Mode: One VPN tunnel per subnet pair
  • Create a new simple network group containing the subnets you want to exchange.
  • Apply the group to the community.

vpn_domain.png

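The Phase 2 mismatch described in the post above, as an added example that is not part of the original post and not Check Point's code: it builds the subnet pairs each gateway would propose with one tunnel per subnet pair and reports pairs where the networks overlap but the /CIDR differs. The function names and the sample subnets are constructed for illustration.

```python
import ipaddress
from itertools import product

def subnet_pairs(local, remote):
    """Selector pairs a gateway proposes with one tunnel per subnet pair."""
    return {(ipaddress.ip_network(l), ipaddress.ip_network(r))
            for l, r in product(local, remote)}

def compare_phase2(side_a, side_b):
    """Compare A's subnet pairs with B's, read in A's direction.

    side_a / side_b: dicts with 'local' and 'remote' lists of CIDR strings,
    each written from that gateway's own point of view.
    Returns (matched, mismatched); mismatched holds A's pairs that overlap
    one of B's pairs without agreeing on the prefix length.
    """
    a_pairs = subnet_pairs(side_a["local"], side_a["remote"])
    # Flip B's view so both sets read (A-side network, B-side network).
    b_pairs = {(r, l) for l, r in subnet_pairs(side_b["local"], side_b["remote"])}
    matched = sorted(a_pairs & b_pairs)
    mismatched = []
    for a_src, a_dst in sorted(a_pairs - b_pairs):
        for b_src, b_dst in sorted(b_pairs - a_pairs):
            if a_src.overlaps(b_src) and a_dst.overlaps(b_dst):
                mismatched.append(((a_src, a_dst), (b_src, b_dst)))
    return matched, mismatched

# Constructed sample: gateway A lists two /24s individually, while the peer
# has the same address space configured as a single /23.
GW_A = {"local": ["10.1.0.0/24", "10.1.1.0/24", "10.2.0.0/24"],
        "remote": ["192.168.50.0/24"]}
GW_B = {"local": ["192.168.50.0/24"],
        "remote": ["10.1.0.0/23", "10.2.0.0/24"]}

if __name__ == "__main__":
    ok, bad = compare_phase2(GW_A, GW_B)
    for src, dst in ok:
        print(f"match     {src} <-> {dst}")
    for (a_src, a_dst), (b_src, b_dst) in bad:
        print(f"mismatch  A proposes {a_src} <-> {a_dst}, "
              f"B expects {b_src} <-> {b_dst}")
```

Feed it the subnets in each side's encryption domain; any line reported as a mismatch is a pair where the two gateways would not agree on the /CIDR.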