Hi, I have just been asked to setup from scratch a IP130 with Checkpoint NGAI to work through a ADSL router/modem to the internet with a VPN back to our main site which has a IP530 with Checkpoint NGAI.
Questions I have are;
1. If the IP130's external interface is in a subnet with the ADSL router, does the IP addresses have to be real or can they be private.
2. Which IP does the Checkpoint licence end up tied to, the IP130 external IP or the ADSL routers external IP.
Any pointers or places to look would be most appreciated.
1. If the IP130's external interface is in a subnet with the ADSL router, does the IP addresses have to be real or can they be private.
You need a pubblic address on firewall, and this ip address is the the licensed one as a vpn gateway, from a checkpoint point of view.
2. Which IP does the Checkpoint licence end up tied to, the IP130 external IP or the ADSL routers external IP
the external ip130 address is the vpn-gateway licensed from checkpoint, and this ip should be on wan subnet of router, cause this ip should be visible on internet as a vpn gateway., and it should accept from other vpn gateway the right protocol.
