CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 2 of 2

Thread: Numbered Interface - VTI

  1. #1
    Join Date
    2017-04-08
    Posts
    23
    Rep Power
    0

    Default Numbered Interface - VTI

    I was studying Numbered interface and want to know, can the local IP and remote IP can be any IP or need to be IP address that is configured on gateways.

    What is the best practice used to configure numbered interface?

    should use public IP or the gateway object IP (if it is private IP).

    Thanks

  2. #2
    Join Date
    2007-06-04
    Posts
    3,299
    Rep Power
    17

    Default Re: Numbered Interface - VTI

    When using Numbered IP VTI then only relevant locally on the box and it's VPN Peer.

    Normally people seem to use 169.254.x.x IP addresses, using consecutive IP so for instance

    169.254.0.1 for local and 169.254.0.2 for remote

    As the 169.254.x.x/16 is not typically used on a network then won't overlap with your network

    Through the Peer defined which then picks up the actual gateway ip from the Object defined in SmartConsole so make sure that the Peer Name you give is EXACTLY the same as the Object Name for the remote gateway

Similar Threads

  1. Replies: 0
    Last Post: 2019-01-30, 19:28
  2. Replies: 1
    Last Post: 2018-07-02, 13:31
  3. Replies: 2
    Last Post: 2014-05-01, 21:33
  4. NAT on external interface not DMZ interface???
    By cpguy in forum NAT (Network Address Translation)
    Replies: 4
    Last Post: 2012-12-10, 17:12
  5. cluster works on one interface, but fails on another interface
    By shmilyh in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 1
    Last Post: 2009-08-20, 02:22

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •