I have a problem from the last 3 weeks that I cannot resolve. I want to configure a NAT rule to redirect all IPSec traffic from a external device to my internal device (it is not a CP device).
The problem is that I have configured a NAT rule and PING packets arrives correctly to internal device (NAT configuration works). When IPSec is sended instead of PING traffic the CheckPoint device does not redirect the packets (but I can see them with arriving to CP device). So it seems CheckPoint catch all IPSec traffic.
Is it possible to redirect IPSec traffic in a CP device? How can I do that? I have a r80.10 in clusterXL (I think IP aliases are not allowed in clusterXL..).