CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 6 of 6

Thread: Configure 1000NW as a WAP (not sub-netted) from an SG620

  1. #1
    Join Date
    2015-11-11
    Posts
    4
    Rep Power
    0

    Question Configure 1000NW as a WAP (not sub-netted) from an SG620

    I have a 1000NW base LAN bridged to its base WAN, and would like to pull DHCP from an SG620's base LAN. Is this possible? I've not found any documented way to do this. I'll be up-front and admit that I'm a retired software consultant, and not a network expert, so I will understand if I'm considered to be intruding on anyone's time and/or purpose on this forum.

  2. #2
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,654
    Rep Power
    10

    Default Re: Configure 1000NW as a WAP (not sub-netted) from an SG620

    yeah, that should be possible. I think all you need to do is tell the wifi to bridge with LAN1_Switch. Not sure how to do this off the top of my head, but i'll poke around or someone else will answer.

    Or maybe that will put you on the right path and you'll find it!

  3. #3
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,654
    Rep Power
    10

    Default Re: Configure 1000NW as a WAP (not sub-netted) from an SG620

    Oh wait.. ignore this. I misread your post.

  4. #4
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,654
    Rep Power
    10

    Default Re: Configure 1000NW as a WAP (not sub-netted) from an SG620

    Quote Originally Posted by OldWindowsGuy View Post
    I have a 1000NW base LAN bridged to its base WAN, and would like to pull DHCP from an SG620's base LAN. Is this possible? I've not found any documented way to do this. I'll be up-front and admit that I'm a retired software consultant, and not a network expert, so I will understand if I'm considered to be intruding on anyone's time and/or purpose on this forum.
    Ok let me try this again. I don't have access to a 1000NW. I've also never used one before.

    To verify. You're access point is on the 1000NW correct?

    And you want to use the WAN port on the 1000NW and put it into the LAN port of the 620?

    I'm assuming your out of LAN ports on the 1000NW or something like that?

    The end goal is to bridge the AP on the 1000NW to the LAN on the SG right?

  5. #5
    Join Date
    2010-11-11
    Posts
    57
    Rep Power
    10

    Default Re: Configure 1000NW as a WAP (not sub-netted) from an SG620

    Quote Originally Posted by OldWindowsGuy View Post
    I have a 1000NW base LAN bridged to its base WAN, and would like to pull DHCP from an SG620's base LAN. Is this possible? I've not found any documented way to do this. I'll be up-front and admit that I'm a retired software consultant, and not a network expert, so I will understand if I'm considered to be intruding on anyone's time and/or purpose on this forum.
    Hi,
    the bridge feature on safe@is not transparent. This device is not a switch and dhcp discovery will fail, as the broadcast packets will be dropped between ports. To make this work you still have configure firewall rules to allow all relevant dhcp traffic from one port through another. I'm not positive whether is is possible at all from the WebUI and i think there also isn't a dhcp helper option.

    Imho an easier way would be to set up dhcp relay on the safe@.

    AP network -> 1000NW (DHCP Relay) -> transfer DMZ network -> SG620 ( DHCP Server) -> LAN/Internet

  6. #6
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,654
    Rep Power
    10

    Default Re: Configure 1000NW as a WAP (not sub-netted) from an SG620

    The solution posted sounds pretty good. Do you understand what has been discussed? Drop a line if you need help.

    BTW i know this might not be ideal for many reason (like money? ) but checkpoint has a new SMB firewall with a large amount of ports and wifi built in. Check out the 770 or 790.

Similar Threads

  1. Safe@Office 1000NW - WLAN <-> LAN and VPN Tunnel
    By peterm in forum Check Point Safe@Office Appliances
    Replies: 0
    Last Post: 2011-08-19, 04:09
  2. CP R65 HFA70 to Safe@office 1000NW Site to site VPN - Help!
    By DrkNite in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 3
    Last Post: 2010-10-01, 11:16
  3. Can't configure SIC
    By goldarrow in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 4
    Last Post: 2010-01-28, 04:46
  4. Can I configure HA with just 2 NIC?
    By quake_wu in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 5
    Last Post: 2010-01-08, 11:53
  5. How would you configure this?
    By danjun in forum IPsec VPN Blade (Virtual Private Networks)
    Replies: 2
    Last Post: 2008-03-04, 15:43

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •