VPN Config vShield Edge to CheckPoint

This document is covering vShield to CheckPoint VPN configuration.

vShield defaults are on such article,  for configuration on vShield side you can get reference from this article.

CheckPoint steps and screenshots are below ;

First create the device 


Then create an object for remote network which cover xx.xx.xx.xx/24 for example and integrate it with device


if you already have some vpn configuration before pls add you local network on related group which is described on Manually defined , if you do not have create one group object and add your local network which will make a vpn configuration with remote site and set it


Create a community 


Aggregate two firewalls 

Configure Phase 1 & 2

Set encryption and has algorithm for phase 1 & 2

Set DH Group , SPF and timeout values 


Set pre-shared key


Add a rule(s)….


Thats it !

Thanks to Cem , you can find out many useful articles on his blog http://www.cemkayar.com



Posted on 09/11/2012, in CheckPoint, vShield Edge and tagged , , , . Bookmark the permalink. 2 Comments.

  1. I want just confirm the feasibility of this solution. Recently I’ve implemented a vpn connection between a virtual firewall checkpoint (VSX) and vshield host.
    I want to leave here only few tips that could be useful for someone.

    1) During the definition of the interoperable device, I’ve specified the topology as well as the vpn domain. So I have created a /32 external type network and the internal type network that match to that inside vpn domain.
    2) Regards the property of meshed community, I had to select in Tunnel Management: VPN Tunnel Sharing > One VPN tunnel per subnet pair
    3) I have also used NAT inside tunnel and it works.

    Thanks also Vahric for support.

    Hope this help



  2. Thank you too Igor, blogs are nothing if no comment under for me 😀

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: