Following my previous post, where we routed all traffic from
site B through site A, in this post I will demonstrate how to route only
specific sites (which reside on the internet) through site A in order to use
site A's public IP.
Again, each site is managed on its own, so I have two
security management servers.
Create a local VPN domain object that includes all of the site's
local networks:
Create a remote VPN domain object that includes all remote
networks plus the specific IPs which we want to route through the remote peer, in
this case noc.co.il (93.31.35.145):
These are the community object settings:
Do not check "Accept all encrypted traffic".
Then add the firewall policy that allows and encrypts traffic
between the sites:
Note that these settings should be configured on both sites using
the relevant information for each site.
On the remote site we also have to add two more things. A firewall
policy:
And NAT policy:
Install policy on both sites and that’s it!
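
To sanity-check the design before installing policy, the following added example (not part of the original post and not Check Point code) models site B's encryption decision: a packet is tunneled only when its source is in the local VPN domain and its destination is in the remote VPN domain. All addresses except 93.31.35.145 are constructed sample values, and the hide-NAT behaviour on each site is an assumption.

```python
import ipaddress

# Constructed sample values (assumptions); only 93.31.35.145 comes from the post.
SITE_A_LAN = ipaddress.ip_network("10.1.0.0/24")
SITE_B_LAN = ipaddress.ip_network("10.2.0.0/24")
SITE_A_PUBLIC = ipaddress.ip_address("203.0.113.10")
SITE_B_PUBLIC = ipaddress.ip_address("198.51.100.20")
NOC = ipaddress.ip_network("93.31.35.145/32")  # noc.co.il, from the post

# Site B's view of the two VPN domain objects described above.
LOCAL_DOMAIN = [SITE_B_LAN]
REMOTE_DOMAIN = [SITE_A_LAN, NOC]


def in_domain(addr, domain):
    """True if addr falls inside any network of the VPN domain."""
    return any(addr in net for net in domain)


def egress(src, dst):
    """Return (path, source address the destination sees) for a packet leaving site B."""
    src = ipaddress.ip_address(src)
    dst = ipaddress.ip_address(dst)
    # Domain-based VPN: encrypt only when the source is in the local domain
    # AND the destination is in the peer's domain.
    if in_domain(src, LOCAL_DOMAIN) and in_domain(dst, REMOTE_DOMAIN):
        if dst in SITE_A_LAN:
            return ("tunnel", src)          # plain site-to-site traffic, no NAT
        # Assumed: site A's NAT rule hides site B hosts behind its public IP.
        return ("tunnel", SITE_A_PUBLIC)
    # Assumed: everything else leaves locally, hidden behind site B's public IP.
    return ("direct", SITE_B_PUBLIC)


if __name__ == "__main__":
    samples = [
        ("10.2.0.15", "93.31.35.145"),  # selected host: via site A
        ("10.2.0.15", "93.31.35.146"),  # neighbouring host: stays local
        ("10.2.0.15", "10.1.0.7"),      # site-to-site
        ("10.2.1.15", "93.31.35.145"),  # network missing from the local domain
    ]
    for src, dst in samples:
        path, seen_as = egress(src, dst)
        print(f"{src} -> {dst}: {path}, seen as {seen_as}")
```

The last sample shows the failure mode worth checking for: a site B network left out of the local VPN domain silently goes out directly instead of through site A.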
Products List:
CP-CLUSTER – Check Point R77.20
CP-SG3 – Check Point R77.30