Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
--Jay--
Explorer

Azure vWAN integration on a 1550 appliance

hi All !

Folling the logic in this guide ...
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
I was able to succesfully create multiple Azure vWAN integrations on Checkpoint 3200 Appliance.

Redundant tunnel interfaces , following the Azure vWAN setup, are created wthout issue in the 3200 in CLI, as detailed in the aforementioned guide.
add vpn tunnel 1 type numbered local 100.64.220.1 remote 10.250.0.12 peer vwan01 
add vpn tunnel 2 type numbered local 100.64.220.1 remote 10.250.0.13 peer vwan02

The issue at hand  on a  Checkpoint 1550 Applicance, is with this redundant setup of vpn tunnel interfaces.
When creating the 2nd vpn tunnel interface , an error is yielded:
"Could not set interface ipv4-address: IP address is in the subnet of an existing network"

Troubleshooting shows that the vpn tunnel interface already created (IP 100.64.220.1  in the example) is causing th error.

Am I missing a prerequisite here?
A difference between 3200 and 1550 ?
A BGP condition missing?


 

0 Kudos
3 Replies
Chris_Atkinson
Employee
Employee

Which firmware version is the 1500 deployed with?

I would consult TAC further with sk111840 as a reference.

0 Kudos
--Jay--
Explorer

The 1550 "fw ver" command output...
"This is Check Point's 1550 Appliance R81.10.00 - Build 506"

0 Kudos
--Jay--
Explorer

A TAC case at Checkpoint Support shows that only one VPN tunnel interface is supported on the SMB1500 gateway. Not the default redundant/dual tunnel supported by Azure vWAN.
The dual tunnel configuration will be supported by the SMB1500 gateway in the future, but no ETA is currently available for it.

0 Kudos