ipsec vpn tunnel in F5 with r77.30 checkpoint firewall

Question

Hi All&nbsp;
Can we make ipsec vpn tunnel in F5 with r77.30 checkpoint firewall.&nbsp;

youssef1 · Answer

Hi Kumar,&nbsp;
f5 supports ipsec and therefore I think you can do it without problem:&nbsp;
An example here:&nbsp;
https://www.youtube.com/watch?v=NfVdC9cOjQ0&nbsp;
Here you can see another community memeber that mount an vpn ipsec with soncwall:&nbsp;
https://devcentral.f5.com/questions/ipsecvpn-f5-fortinet-54492&nbsp;
So try to mount your vpn and if you encounter a problem let me know, I have a good skills in checkpoint too.&nbsp;
Regards,&nbsp;

niels_van_sluis · Answer

I can confirm that it's possible to create an IPSEC tunnel between a F5-BIG-IP and a Check Point firewall. I've been testing this in my lab with R80.10 and it's working. I've noticed that it is key to use PFS in Phase 2. Without PFS in Phase 2 it  didn't work. Here are some settings I tried:
Phase 1:
SHA-1/AES-128 + DH Group 2 works!
SHA-256/AES-256 + DH Group 2 works!

Phase 2:
SHA-1/3DES + MODP1024 works!
SHA-1/AES-128 + MODP1024 works!
SHA-1/AES-256 + MODP1024 works! 
SHA-256/AES-256 + MODP1024 works!

Forum Discussion

ipsec vpn tunnel in F5 with r77.30 checkpoint firewall

2 Replies

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

Managing iRules configuration

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

GRE Tunnel Issue

Related Content

Integrating SSL Orchestrator with CheckPoint Firewall VM-Explicit Proxy

Integrating SSL Orchestrator with CheckPoint Firewall VM-Bridge Mode (L2)

Integrating SSL Orchestrator with CheckPoint Firewall VM-Transparent Proxy

F5 AFM/Edge Firewall and the difference between Edge Firewalls and Next-generation Firewalls (NGFW)

GRE Tunnel Issue

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS