Prev Question
Next Question

Which of the following is NOT a VPN routing option available in a star community?

A.
To satellites through center only

B.
To center, or through the center to other satellites, to Internet and other VPN targets

C.
To center and to other satellites through center

D.
To center only

Explanation:
SmartConsole
For simple hubs and spokes (or if there is only one Hub), the easiest way is to configure a VPN star community
in R80 SmartConsole:
1. On the Star Community window, in the:
a. Center Gateways section, select the Security Gateway that functions as the “Hub”.
b. Satellite Gateways section, select Security Gateways as the “spokes”, or satellites.
2. On the VPN Routing page, Enable VPN routing for satellites section, select one of these options:
a. To center and to other Satellites through center – This allows connectivity between the Security
Gateways, for example if the spoke Security Gateways are DAIP Security Gateways, and the Hub is a Security
Gateway with a static IP address.
b. To center, or through the center to other satellites, to internet and other VPN targets – This allows
connectivity between the Security Gateways as well as the ability to inspect all communication passing through
the Hub to the Internet.
3. Create an appropriate Access Control Policy rule.
4. NAT the satellite Security Gateways on the Hub if the Hub is used to route connections from Satellites to the
Internet.
The two Dynamic Objects (DAIP Security Gateways) can securely route communication through the Security
Gateway with the static IP address.
https://sc1.checkpoint.com/documents/R80/CP_R80BC_VPN/html_frameset.htm

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *