This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
DjaneDu
Explorer
‎2023-03-22 10:04 PM

Flow based traffic over vpn

Hi All,

 

Good day to you. I have a question regarding the below scenario and it would be great if you can provide me a brief solution for this.

I have 5 checkpoint firewalls and want to send all the internet traffic of 4 firewalls from a 1 single centrally located firewall.

Scenario 1

Let's say I put all those traffic via a site-to-site VPN from all the other 4 firewalls to a 1 central firewall without using a smart management server. In this kind of a scenario, will i be able to send the flow traffic(for the log gathering purpose) or syslog based traffic over the same VPN tunnels to the same central location so that I would be able to export those logs.

Scenario 2

 

Let's say I have SMS in the central location and the only centrally located firewall that can route to the internet. Let's say that all the firewalls are needed to be added under that SMS. How I am going to get the logs from the other 4 locations to the central located gateway and SMS. Sorry if my scenarios are wrong but please explain a possible scenario.

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2023-03-27 09:32 AM

Theoretically, you can set up SIC with an external log server (i.e. not one managed by the same SMS).
This mentions SmartEvent, but much of the setup is similar for just a log server: https://support.checkpoint.com/results/sk/sk35288 

If the gateways are all managed by the same SMS, then the logs will actually flow via SIC (which is already encrypted) and NOT through the VPN tunnel.
However, your management server will need some sort of static NAT accessible by the remote gateways.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events