How to setup Site-to-Site VPN between Microsoft Azure and an on premise Check Point Security Gateway
Note: This article deals with setting up a VPN tunnel between Microsoft Azure and an on-premises Check Point Security Gateway. If you are interested in setting up a VPN tunnel between a Check Point Security Gateway in Azure and an on-premises Check Point Security Gateway, then refer to sk109360 - Check Point Reference Architecture for Azure.
For a detailed walk through on setting up a Site-to-Site VPN, refer to sk53980 - How to set up a Site-to-Site VPN with a 3rd-party remote gateway.
When setting up the tunnel with Microsoft Azure, you will need to use the following settings. These settings are required by Microsoft Azure. For more information, refer to About VPN Devices for Virtual Network.
- The requirement for route based VPN in IKEv2 is only relevant for the Microsoft Azure part of the configuration, since it is the single possible configuration.
- For the Check Point VPN peer, Domain Based configuration can be used for encryption domain configuration.
IKE Phase 1 setup
IKE Phase 2 setup