Hello All,
I have problem with certification and site to site connection with my device (Checkpoint <=> Mikrotik with dinamic ip addres).
- Do you only need to create one certificate, or I need make two (for server and client side). Ma checkpoint device have internal certificat?
- When I create certificat on mikrotik, I cant make certificat with flag I, In my case allways flag A. Is that a problem? (https://wiki.mikrotik.com/wiki/Manual:Create_Certificates)
- IPsec/Peers : When I create Peers in Exchange Mode I use “main” or “ike2”?
- IPsec/Peers : When I create Peers in Certificate I used certificat from mikrotik, in Remote Certificate I used certificate from Checkpoint? It is a correct?
Thanks a lot