Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sanjay_S
Advisor

Dynamic VPN Configuration

Hi All,

Is it possible to configure the Dynamic VPN IPsec tunnels in Checkpoint as same as Cisco ASA?

Means, no static Peer IP and without peer ip we just configure the dynamic crypto map in cisco ASA with the PSK and all parameter so that the peer establishes the VPN. Is it something similar can be done in Checkpoint?

Regards,

Sanjay S

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

You can create a VPN with a peer that has a dynamic IP, yes.
The relevant object in the Check Point configuration must have the Dynamic IP option ticked in the General Tab.
Also, certificate-based authentication must be used as we do not allow PSKs when the remote IP is not fixed as they are significantly less secure.

0 Kudos
Sanjay_S
Advisor

Thanks PhoneBoy, I will work on this and get back to the same thread if any further doubts on this.

0 Kudos
_Val_
Admin
Admin

Yes

0 Kudos