VPN Tunnel Interfaces

Virtual Tunnel Interface (VTI) is a virtual interface that is used for establishing a Route-Based VPN tunnel. Each peer Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. has one VTI that connects to the VPN tunnel.

The VPN tunnel and its properties are configured by the VPN community that contains the two Security Gateways.

You must configure the VPN community and its member Security Gateways before you can create a VTI.

To learn more about Route Based VPN, see the R81.20 Site to Site VPN Administration Guide > Chapter Route Based VPN.

Note - The name of a VPN Tunnel interface in GaiaClosed Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. is "vpnt<VPN Tunnel ID>". For example, the name of a VPN Tunnel interface with a VPN Tunnel ID of 5 is "vpnt5".

Procedure:

  1. Create and configure the Security Gateways.

  2. Enable the IPsec VPNClosed Check Point Software Blade on a Security Gateway that provides a Site to Site VPN and Remote Access VPN access. Software BladeClosed Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. in the objects of the applicable Security Gateways.

  3. Configure the VPN community in SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. that includes the two peer Security Gateways.

  4. Make Route Based VPN the default option.

    Do this procedure one time for each.

  5. Configure the VTI.

    You can configure the VPN Tunnel Interfaces (VTI) in Gaia PortalClosed Web interface for the Check Point Gaia operating system. or Gaia ClishClosed The name of the default command line shell in Check Point Gaia operating system. This is a restricted shell (role-based administration controls the number of commands available in the shell)..

  6. Configure Route Based VPN Rules.

  7. Install the policy and test.