This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
NAT_AIR
Explorer
‎2023-09-14 03:21 AM

Check Point Cloudguard Standalone connectivity in VMWare ESXi test set up

I have a virtual Cisco Catalyst 8000V connected to a virtual PC and to a virtual Check Point Cloudguard Standalone with a demo license. The Check Point also has a virtual PC connected.

Therefore, this is my virtual scheme:

 

Virtual PC1 (192.168.2.3) -> (192.168.2.2) Virtual Fortinet (192.168.3.1) -> (192.168.3.2) Cisco (192.168.4.1) -> (192.168.4.2) Check Point (192.168.6.1) -> Virtual PC2 (192.168.6.3)

 

I’m evaluating the Check point capabilities and first of all, now that I have everything deployed, I want to test connectivity with a ping.

From the Check Point I can ping everything, so I assume the connectivity should be correct. However, wen I ping the Check Point from any other virtual machine, the ping fails. I’m not sure whether the Check Point may have the ICMP reply disabled, because I couldn’t find any cli command or configuration in the SmartConsole (I ticked the “ping” option when I configured the interfaces in the GUI) to change that, or maybe the network configuration is wrong. I configured these static routes in the Cisco:

 

192.168.2.0/24  [1/01 via 192.168.3.1

192.168.3.0/24  is variably subnetted, 2 subnets, 2 Masks

192.168.3.0/24  is directly connected, GigabitEthernet3

192.168.3.2/32  is directly connected, GigabitEthernet3

192.168.4.0/24  is variably subnetted, 2 subnets, 2 Masks

192.168.4.0/24  is directly connected, GigabitEthernet2

192.168.4.1/32  is directly connected, GigabitEthernet2

192.168.6.0/24  [1/01 via 192.168.4.2

 

And these static routes in the Check Point:

 

192.168.3.0/24               via 192.168.4.1, eth2, cost 0, age 1258

192.168.4.0/24               is directly connected, eth2

192.168.6.0/24               is directly connected, eth1

Am I missing something? Thanks!

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2023-09-14 03:52 PM

Have you checked if packets are actually being received by the gateway?
This can easily be established with a tcpdump on the relevant interface.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events