Hi All,
We are trying to implement IPsec in tunnel mode (site-to-site) between Windows 2008 R2 and a Checkpoint Firewall. The only option we are finding in the IPsec rules (mmc -> IPsec policy mgmt -> New rule) is to mention one IP address (IPv4 or v6) as the tunnel endpoint. We have multiple Checkpoint Firewalls as tunnel endpoints to manage the load balancing. Is it possible to define multiple IP addresses as tunnel endpoints, or is there a way to define the FQDN name so that the IP addresses are resolved using DNS and a tunnel is established with the resolved IP returned?
One more thought: if we define a VIP (Virtual IP) for the Checkpoint firewalls and define that VIP as a tunnel endpoint, will it work?
Appreciate any help in this regard.