Can I import an internal ELB from AWS and use it in the NAT and security policy?
We are trying to set up an internal ALB and NAT to the public IP of the on-prem firewall, so that any inbound connections from the public IP get NAT'ed and go to the internal ALB via VPN and VGW. I do not see any load balancers when I import objects using CloudGuard Controller.
This is required because ELBs are load balanced with DNS.
Using the Logical Server object as described in SK handles this and performs the necessary NAT.
sk104249 deals with the scenario where Check Point vSEC runs in an AWS VPC.
When the Check Point gateway sits on-premises and has a VPN tunnel to the Amazon VPC, this solution fails to match ELB traffic. One can try using domain objects, but it is still not the best solution.
Even if the ELB could be imported with CloudGuard Connector, you wouldn't be able to use it in the NAT policy anyway.
But you could use a Dynamic Object and update it based on a DNS record.
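
The Dynamic Object approach suggested in the last reply, as an added example that is not part of the original thread: a script for the gateway that resolves the ELB's DNS name and adds or removes addresses in the object with the `dynamic_objects` CLI. The object name, ELB DNS name, state file path and the availability of `dig` on the gateway are assumptions, and the object is assumed to exist already (created with `dynamic_objects -n`).

```shell
#!/bin/bash
# Added example: keep a Dynamic Object in step with an internal ELB's A records.
# Usage (placeholders): ./elb_sync.sh <dynamic_object_name> <elb_dns_name>

# Print the dynamic_objects commands that move the object from the
# last-applied addresses ($2) to the freshly resolved ones ($3).
plan_updates() {
    obj=$1
    current=$(echo $2)      # collapse newlines/extra spaces into single spaces
    resolved=$(echo $3)
    # A failed or empty lookup must not empty the object: keep last-known IPs.
    [ -n "$resolved" ] || return 0
    for ip in $resolved; do
        case " $current " in
            *" $ip "*) ;;                                        # already loaded
            *) echo "dynamic_objects -o $obj -r $ip $ip -a" ;;   # new ELB node
        esac
    done
    for ip in $current; do
        case " $resolved " in
            *" $ip "*) ;;                                        # still valid
            *) echo "dynamic_objects -o $obj -r $ip $ip -d" ;;   # stale: AWS may reuse it
        esac
    done
}

# Resolve, plan, apply, then record what was applied.
sync_object() {
    obj=$1; name=$2
    state=${3:-/var/tmp/$obj.ips}   # hypothetical state file of last-applied IPs
    # Accept only IPv4 literals; dig +short can also print CNAME targets.
    resolved=$(dig +short A "$name" | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' | sort -u)
    current=$(cat "$state" 2>/dev/null)
    plan=$(plan_updates "$obj" "$current" "$resolved")
    [ -n "$plan" ] || return 0      # nothing changed, or lookup failed
    echo "$plan" | sh && echo "$resolved" > "$state"
}

# Run only when called with arguments, e.g. from cron every minute.
if [ "$#" -ge 2 ]; then
    sync_object "$@"
fi
```

Removing stale addresses matters as much as adding new ones: once the ELB stops using an IP, a rule that still matches it is allowing traffic to whatever holds that address next.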