Technical data
Managing VSX Clusters
Check Point VSX Administration Guide NGX R67 | 105
In the Set VPN Domain window, select a VPN domain from the list or click New to define a new domain.
Click OK in both windows to continue.
NAT
The Advanced page allows you to configure NAT for Virtual Systems connected to a Virtual Router.
To enable and configure NAT:
1. Enable the Add Automatic Address Translation option.
2. Select a translation method from the list.
Hide NAT: Hide NAT only allows connections originating from the internal network. Internal hosts
can access internal destinations, the Internet and other external networks. External sources cannot
initiate a connection to internal network addresses.
Static NAT: Static NAT translates each private address to a corresponding public address.
3. If you select Hide NAT, select one of the following options:
Hide behind Gateway hides the real address behind the VSX gateway external interface address.
This is equivalent to hiding behind the address 0.0.0.0, or
Hide behind IP Address hides the real address behind a virtual IP address, which is a routable,
public IP address that does not belongs to any real machine.
4. If you selected Static NAT, enter the static IP address in the designated field.
5. Select the desired VSX cluster from the Install on Gateway list.
IPS
VSX uses the default protection profile. There are no configurable properties on this page.
VPN
The VPN page contains a variety of configuration properties for clusters in site-to-site VPN deployments.
This window is only available if the Check Point VPN product is enabled on the General Properties page.