To create/edit a tag based VLAN:
You can create a new VLAN only if you have at least one physical interface that is not part of an
existing network (switch or bridge).
Configure the fields in the tabs:
Configuration tab
•
VLAN ID - Enter a number that is the virtual identifier.
•
Assigned to - Select the physical interface where the new virtual network is created.
•
IP address
Subnet mask
•
•
Use Hotspot - Select this checkbox to redirect users to the Hotspot portal before allowing
access from this interface. Hotspot configuration is defined in the Device > Hotspot page.
DHCP Server settings
•
Select one of the options:
•
Enabled - Enter the IP address range and if necessary the IP address exclude range. The
appliance's own IP address is automatically excluded from this range. You can also exclude
or reserve specific IP addresses by defining network objects in the Users & Objects >
Network Objects page. Reserving specific IP addresses requires the MAC address of the
device.
•
Relay - Enter the DHCP server IP address.
•
Disabled
To create/edit a VPN Tunnel (VTI):
A Virtual Tunnel Interface (VTI) is a virtual interface on a Security Gateway that is related to an
existing, Route Based VPN tunnel. The Route Based VPN tunnel works as a point-to-point
connection between two peer Security Gateways in a VPN community. Each peer Security Gateway
has one VTI that connects to the tunnel.
The VPN tunnel and its properties are defined by the VPN community that contains the two
gateways. You must define the VPN community and its member Security Gateways before you can
create a VTI.
Configure the fields in the tab:
Configuration tab
•
VPN Tunnel ID - A number identifying the VTI.
•
Peer - The name of the remote VPN site. See Configuring VPN Sites.
The VPN tunnel interface can be numbered or unnumbered. Select the applicable option:
•
Numbered VTI - You configure a local and remote IP address for a numbered VTI:
Local IPv4 address - The IP address to be used for the local point-to-point virtual interface.
•
•
Remote IP address - The IP address to be used at the peer gateway's point-to-point virtual
interface.
Check Point 1100/1200R/1400 Appliances Centrally Managed Administration Guide R77.20.70
Appliance Configuration
|
67
Need help?
Do you have a question about the CHECK POINT 1100 and is the answer not in the manual?