You want to set up a VPN tunnel to an external gateway. You had to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.
You want to set up a VPN tunnel to an external gateway. You had to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.
To set up a VPN tunnel between two subnets and not all subnets defined in the default VPN domain, you should create a dedicated VPN Community for both Gateways in SmartConsole. Within the VPN Community settings, select the local gateway and set the VPN Domain to 'User defined' and specify the local network. This configuration ensures that the VPN is established only between the specified subnets.
C is correct
Should be C. Kortex book CCSE, page 415, step 4 and 5. "Under the 'VPN Domain', select the option 'User Defined' and clock on the button with three dots." and further nothing is said about the user.def file
My instinct was D, which seemingly was a valid method pre R80.40 https://community.checkpoint.com/t5/Security-Gateways/Site-To-Site-VPN-with-Multiple-Subnets/td-p/21509 "Keep inmind in R80.20 you can disable supernetting per community." So in later versions they enabled this.. so must be C
Should be C. Kortex book CCSE, page 415, step 4 and 5. "Under the 'VPN Domain', select the option 'User Defined' and clock on the button with three dots." and further nothing is said about the user.def file
Not sure but I think it should be C
Correct answer is C