Hi

I have a question while testing some things to upgrade the customer's CloudGuard firewall OS.

I have little experience with the cloud environment, so everything is full of questions.

I would really appreciate it if you could help me in any way.

First, a problem occurred while changing the firewall default gateway, and Please refer to the photo below for configuration changes.

The problem I encountered was that as soon as I changed the default static-route of the check point, all communication became impossible.

Of course, I also changed Azure routing table.

When attempting icmp with 8.8.8.8, Network Unrechable occurred, so it is believed that there is a problem with the network itself.

If you look at the ip route show command, the default route does not appear either.

After referring to some documents and predicting, there is no need to touch the firewall's OS config, and it is expected that all you need to do is change the routing table in Azure.

Is what I thought correct?

If I'm right, I have a question

1. If the '0.0.0.0/0' route in the Azure routing table is set to 10.250.102.4 and the DG in the Check Point firewall is set to 10.250.116.17, is this correct that Check Point OS Config will be ignored and the Azure routing settings will take precedence?

2. According to my experience, if you change the DG with check point's set static-route command, all external Internet communications become 'Network Unrechable'.

If I change static-route in check point os config, is there a conf file that needs to be modified separately?

I would appreciate any help