This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Thin
Contributor
‎2020-09-18 04:19 AM

VPN Routing Action

Hello 

I have a question about action in vpn log.
What is the meaning of VPN Routing in logs?
Does it mean users accessing an internal network?

 

Thank you

 

0 Kudos
3 Replies
Timothy_Hall
Legend Legend
Legend
‎2020-09-18 05:26 AM

A VPN Routing action indicates that traffic was decrypted from one VPN tunnel, then re-encrypted straight into another VPN tunnel.  Usually happens between satellites in the same Star-based VPN Community if allowed in the Community settings, but can also happen between different VPN Communities as authorized by the vpn_route.conf file.  Note that the per-VPN Community VPN domain feature in R80.40 can help fine tune this behavior, see here: sk164417: Traffic from one VPN community not routed to another VPN community

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices
Self-Guided Video Series Coming Soon
SintayehuCSE
Explorer
3 weeks ago
In response to Timothy_Hall

Hello,

I am attempting to establish a VPN tunnel between two satellite devices (SPOKEs—non-Check Point products) and a central Check Point Security Gateway (HUB).

Sample Encryption Domain for:

             SPOKE A: 172.20.18.69

             SPOKE B: 10.40.90.5

Current Configuration:

  • Created separate VPN communities for each SPOKE, with the HUB as the central gateway in both.

  • Used identical encryption parameters for both VPN communities.

  • The goal is to allow traffic from SPOKE A to pass through the HUB to SPOKE B.

  • Created a static route on the HUB for routing traffic to SPOKE B encryption domain [10.40.90.5] from SPOKE A encryption domain [172.20.18.69].

Access Control Rule:

  • A single rule was created with each gateway’s encryption domain as both the source and destination.

  • The VPN Community field in the rule references both VPN community objects (one for each SPOKE).

  • (See attached image for the rule configuration.)

Issue Observed:

  • Traffic from SPOKE B reaches the HUB, and logs confirm it is being VPN-routed.

  • However, the traffic does not reach SPOKE B’s encryption domain.

  • Both Phase 1 and Phase 2 tunnels between the HUB and each SPOKE are up.

  • (See attached VPN-routed traffic log for details.)

Request for Assistance:

Could you help identify what might be wrong with this VPN routing configuration? Alternatively, do you have any recommended resources for troubleshooting similar VPN routing scenarios?

Should I set the VPN Routing option for both VPN communities:- "to Center and to other satellites through center" or "To Center only"

Thank you!

Preview file
171 KB
Preview file
54 KB
0 Kudos
Andreas_Aust
Collaborator
‎2020-09-18 05:31 AM

Remote user come in and access an address over a S2S vpn

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 07 Oct 2025 @ 09:30 AM (CEST)

    CheckMates Live Denmark!
    CheckMates Events