ipsec vpn tunnel in F5 with r77.30 checkpoint firewall

Hi Kumar,

 

f5 supports ipsec and therefore I think you can do it without problem:

 

An example here:

 

https://www.youtube.com/watch?v=NfVdC9cOjQ0

 

Here you can see another community memeber that mount an vpn ipsec with soncwall:

 

https://devcentral.f5.com/questions/ipsecvpn-f5-fortinet-54492

 

So try to mount your vpn and if you encounter a problem let me know, I have a good skills in checkpoint too.

 

Regards,

 

I can confirm that it's possible to create an IPSEC tunnel between a F5-BIG-IP and a Check Point firewall. I've been testing this in my lab with R80.10 and it's working. I've noticed that it is key to use PFS in Phase 2. Without PFS in Phase 2 it didn't work. Here are some settings I tried:

Phase 1:

SHA-1/AES-128 + DH Group 2 works!
SHA-256/AES-256 + DH Group 2 works!

Phase 2:

SHA-1/3DES + MODP1024 works!
SHA-1/AES-128 + MODP1024 works!
SHA-1/AES-256 + MODP1024 works! 
SHA-256/AES-256 + MODP1024 works!