- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Re: Check Point Cloudguard Standalone connectivity...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check Point Cloudguard Standalone connectivity in VMWare ESXi test set up
I have a virtual Cisco Catalyst 8000V connected to a virtual PC and to a virtual Check Point Cloudguard Standalone with a demo license. The Check Point also has a virtual PC connected.
Therefore, this is my virtual scheme:
Virtual PC1 (192.168.2.3) -> (192.168.2.2) Virtual Fortinet (192.168.3.1) -> (192.168.3.2) Cisco (192.168.4.1) -> (192.168.4.2) Check Point (192.168.6.1) -> Virtual PC2 (192.168.6.3)
I’m evaluating the Check point capabilities and first of all, now that I have everything deployed, I want to test connectivity with a ping.
From the Check Point I can ping everything, so I assume the connectivity should be correct. However, wen I ping the Check Point from any other virtual machine, the ping fails. I’m not sure whether the Check Point may have the ICMP reply disabled, because I couldn’t find any cli command or configuration in the SmartConsole (I ticked the “ping” option when I configured the interfaces in the GUI) to change that, or maybe the network configuration is wrong. I configured these static routes in the Cisco:
192.168.2.0/24 [1/01 via 192.168.3.1
192.168.3.0/24 is variably subnetted, 2 subnets, 2 Masks
192.168.3.0/24 is directly connected, GigabitEthernet3
192.168.3.2/32 is directly connected, GigabitEthernet3
192.168.4.0/24 is variably subnetted, 2 subnets, 2 Masks
192.168.4.0/24 is directly connected, GigabitEthernet2
192.168.4.1/32 is directly connected, GigabitEthernet2
192.168.6.0/24 [1/01 via 192.168.4.2
And these static routes in the Check Point:
192.168.3.0/24 via 192.168.4.1, eth2, cost 0, age 1258
192.168.4.0/24 is directly connected, eth2
192.168.6.0/24 is directly connected, eth1
Am I missing something? Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you checked if packets are actually being received by the gateway?
This can easily be established with a tcpdump on the relevant interface.