Azure Internal Load Balancer after checkpoint
Hello team,
We have a customer where we will be using Checkpoint HA in Azure for north-south traffic.
There is an Azure external LB before Checkpoint.
Now there is another Internet Juniper vSRX standalone FW where all the VPN tunnels (from on-prem) will be terminating.
Question is, can we use a common Internal Load Balancer for both these firewalls?
We want all the outbound traffic to go via Checkpoint and all the on-prem specific traffic to go via vSRX.
There is a plan to have an F5 WAF after the Internal Load Balancer.
So can we have a common Internal Load Balancer to serve as a backend for both Checkpoint and Juniper?
I would use UDRs (User Defined Routes) to direct the OnPrem networks to the Juniper SRX.
Could be both ways, depending on where (subnet) you deploy your UDRs:
1. OnPrem <-> SRX <-> CP <-> Azure
2. OnPrem <-> SRX <-> Azure
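
An added example, not part of the original thread: a small Python check that a UDR table attached to a workload subnet produces the split described above, using the longest-prefix-match rule Azure applies when selecting a route. All addresses, prefixes and names are constructed placeholders.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the thread).
CHECKPOINT_ILB = "10.0.1.4"  # assumed frontend IP of the ILB in front of the Check Point HA pair
VSRX_IP = "10.0.2.4"         # assumed inside interface of the standalone vSRX
ON_PREM = ["192.168.0.0/16", "172.16.10.0/24"]  # assumed on-prem prefixes

# Default route to Check Point, on-prem prefixes to the vSRX.
ROUTES = [{"prefix": "0.0.0.0/0", "next_hop": CHECKPOINT_ILB}] + [
    {"prefix": p, "next_hop": VSRX_IP} for p in ON_PREM
]


def next_hop(routes, destination):
    """Return the next hop for a destination: the longest matching prefix wins."""
    dst = ipaddress.ip_address(destination)
    matches = [
        (ipaddress.ip_network(r["prefix"]), r["next_hop"])
        for r in routes
        if dst in ipaddress.ip_network(r["prefix"])
    ]
    if not matches:
        return None  # no UDR matches; Azure system routes would apply
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def audit(routes, on_prem_prefixes, vsrx, checkpoint):
    """List findings where the table breaks the intended traffic split."""
    findings = []
    for p in on_prem_prefixes:
        net = ipaddress.ip_network(p)
        hop = next_hop(routes, str(net[0]))
        if hop != vsrx:
            findings.append(f"{p} goes to {hop}, expected vSRX {vsrx}")
        # A more specific route inside an on-prem prefix would bypass the vSRX.
        for r in routes:
            if ipaddress.ip_network(r["prefix"]).subnet_of(net) and r["next_hop"] != vsrx:
                findings.append(f"{r['prefix']} inside {p} overrides the vSRX route")
    hop = next_hop(routes, "203.0.113.10")  # public address from a documentation range
    if hop != checkpoint:
        findings.append(f"internet traffic goes to {hop}, expected Check Point {checkpoint}")
    return findings


if __name__ == "__main__":
    print(audit(ROUTES, ON_PREM, VSRX_IP, CHECKPOINT_ILB) or "route table matches the intended split")
```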