I was trying to set up a S2S with checkpoint and was going through the Configuration steps provide on MS site.
https://msdn.microsoft.com/library/azure/jj156075.aspx#bkmk_DynamicRoutingIPSec
This Steps had below statements:
When setting up a Site-to-Site VPN with Azure, you will need to see if Azure is offering subnet-to-subnet or gateway-to-gateway VPN:
- If Azure is using subnet-to-subnet, them Check Point side must be configured in the following way in Check Point SmartDashboard: go to '
IPSec VPN'tab - double-click on the relevant VPN Community - go to the 'Tunnel Management' page - in the section 'VPN Tunnel Sharing', select 'One VPN tunnel per subnet pair' - click on 'OK' to apply the settings - install the policy. - If Azure is using gateway-to-gateway, them Check Point side must be configured in the following way in Check Point SmartDashboard: go to '
IPSec VPN' tab - double-click on the relevant VPN Community - go to the 'Tunnel Management' page - in the section 'VPN Tunnel Sharing', select 'One VPN tunnel per Gateway pair' - click on 'OK' to apply the settings - install the policy.
I was confused with "If Azure is using subnet-to-subnet" and "If Azure is using gateway-to-gateway".
I have a Dynamic routing setup and waiting on this clarification!!
So I do I know how Azure is configured??