Is it possible to create multiple site-to-site VPN connections between one CheckPoint FW and multiple external gateways?
If yes, could you please help me with this scenario:
- On HQ, I have a CheckPoint FW with two subnets: 192.168.1.0/24 and 192.168.2.0/24.
- Site A: subnet: 192.168.3.0/24
- Site B: subnet: 192.168.4.0/24.
Site A can only access the subnet 192.168.1.0/24 and Site B can only access the subnet 192.168.2.0/24.
I have trouble with some points:
- On the CHKP FW, when defining the local encryption domain, I need it to contain both subnets, right?
- On Site A GW_A: I define the local subnet as 192.168.3.0/24, but should the remote subnet contain both subnets 1.0/24 and 2.0/24, or only the one subnet 192.168.1.0/24?
- Tunnel sharing on CHKP: do I need to use one tunnel per pair of subnets or one tunnel per pair of GWs?
- Do I need to use VTI on CHKP?
Thanks all,