AnsweredAssumed Answered

Send Log to other SIEM server using site-to-site VPN

Question asked by MUHAMMAD AIMAN AZZIM JAMUDIN on Dec 18, 2018
Latest reply on Dec 19, 2018 by Dameon Welch-Abernathy

Hi all,


This is my first time using checkmate. I just want to ask some question regarding sending Syslog using LogExporter via Site-to-Site (S2S) VPN. Basically, we want to create S2S VPN with 3rd party firewall. I have done configure interoperable device on SmartConsole. The issue is when I trying to ping from my checkpoint management to other SIEM server, the connection is drop. (You may refer my network diagram for detail). From another side, they said I advertise my VPN tunnel using Public IP instated local subnet


I have viewed the log from SmartView tracker and here the detail log;


Source: y.y.y.4 (physical Public IP Gateway)

Destination: x1.x1.x1.10 (External Syslog Server)

Protocol: ICMP

Interface: eth1 (Public IP Port)


NAT additional rule number: 0

NAT rule number: 0

Xlate Src: y.y.y.5 (Virtual Public IP Gateway)

VPN Peer Gateway: y.1.y1.y1.2 (Public IP 3rd Party Firewall)


From 3rd party firewall side, they define my peer local subnet as x.x.x.253 and x.x.x.200. On my VPN Domain, I have set IP x1.x1.x1.10. Should I create manual NAT on CheckPoint or define CheckPoint Public IP as peer local subnet?


Can someone advise me on this? Thank you in advance