Open Frames Download Complete PDF Send Feedback Print This Page

Previous

Next

Using Third Party VPN Peers with Many External Interfaces

When you use third-party VPN peers and have multiple external interfaces on the 61000/41000 Security System, you must configure the SGMs and the Management Server.

To configure the 61000/41000 Security System:

  1. Run this command on the SMO:

    # g_update_conf_file $FWDIR/modules/vpnkern.conf ipsec_use_p1_src_ip=1

  2. Reboot all SGMs.

To configure the Management Server:

  1. Open $FWDIR/lib/vpn_table.def in a text editor.
  2. Add this line to the configuration file:

    dynamic_ipsec_source_address = dynamic sync keep expires EX_INFINITE;

  3. In SmartDashboard, install policy.
 
Top of Page ©2014 Check Point Software Technologies Ltd. All rights reserved. Download Complete PDF Send Feedback Print