I’m looking for a complete end to end guide on how to create an IPSEC VPN on Checkpoint. I see some guides on the Checkpoint site but they seem very light, and mostly just cover creating the VTI interfaces. I don’t have a lot of Checkpoint experience so need all the steps.
I have lots questions but here are a few;
Do you have to create the static routes via the tunnel interfaces in Gaia
When yo create a firewall policy do you still need to select a VPN community in the policy? (How does the Firewall know if it’s a route-based VPN or Policy-VPN?)
Thanks
When yo create a firewall policy do you still need to select a VPN community in the policy? (How does the Firewall know if it’s a route-based VPN or Policy-VPN?)
No. The firewall knows its a route based because the enc domain is [supposed to be*] defined as ‘blank’. policy vpn requires enc domain definitions and the use of vpn communities.
*you can have a mix of route based and policy (domain) based VPN at the same time to make things even more confusing.
Have you checked on CheckMates for a guide?
Thanks for the answers. I didn’t know about checkmates but will look there. Thank you