We're currently deploying a new CheckPoint R80.40 HA cluster each time we add a new GCP region, which is every 1-2 months. I've noticed even after 3 years, the wizard is still a bit buggy/error prone. I particular, it requires removing the default IP addresses from each interface, otherwise new networks will be created even when a pre-existing network has been selected:
Also, if more networks existing in the project than are selected, there will be an error and all 6 internal interfaces must have networks defined even if only 1 is used:
Is it possible to deploy the clusters/gateways via CLI, YAML file, or Terraform? I'm trying to see if we can smooth out the process
Not aware of a way to do this beyond the template in the GCP portal.
Have you reported the various issues with the template to TAC?
Also, have you tried R81.10, which is the current widely recommended version?
Yeah, I can file a ticket but up to this point TAC has told us they can't support cloud deployments, even though we have Diamond support. As you can probably guess, we were not happy this this response and have decided to look at other vendors.
I did a PoC for R81 last year and it was basically unusable. We're currently standardized on R80.40 and the migration to R81 will likely not be until next year. As you probably know, upgrading existing clusters is non-trivial as it requires them to be deleted and re-created, which means 1-2 hours downtime.
Oh wow thanks! Works great except it's not clear what to set 'image_name' to. This is what worked for me for R80.40 HA BYOL:
image_name = "check-point-r8040-gw-byol-cluster-294-904-v20210715"