Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Shay_Levin
Admin
Admin

Internet Inbound/Ingress for Azure Virtual WAN - Deep Dive Recording

We are excited to announce that Check Point is the first vendor to support ingress traffic on Azure Virtual WAN, making exposing your applications to the Internet easier than ever!

Admin guide link

(2)
10 Replies
jmaresky
Employee Alumnus
Employee Alumnus

Great work Shay!

0 Kudos
Simon_Macpherso
Advisor

hello, what is the mgmt_cli command to configure the controller for CME?

0 Kudos
Shay_Levin
Admin
Admin

mgmt_cli cme-api/v1/accounts/azure name "azure_unique_name" subscription "xxxxx" application_id "xxxxxxxxxx" directory_id "xxxxxxxxx" client_secret "xxxxxx" --format json

0 Kudos
Nir_Shamir
Employee Employee
Employee

Hi,

What role does the service principal needs in order to create ingress rule , and on what resource ?

 

thanks.

0 Kudos
Shay_Levin
Admin
Admin

  • CME account (controller) with a service principle assigned to:

    • NVA’s Managed resource group with Reader and Network Contributor roles.

    • Relevant public IP addresses (or their resource group) with Reader role.

Simon_Macpherso
Advisor

0 Kudos
EnriqueGB
Participant

Regarding to the VMs provisioned, would be possible to use a VMSS to make this solution scalable?

0 Kudos
Shay_Levin
Admin
Admin

Currently, VMSS is not supported

0 Kudos
Jeff_Engel
Employee
Employee

@EnriqueGB   Also be aware that this is an Azure limitation, not Check Point.

0 Kudos
EnriqueGB
Participant

But limitation nevertheless. The traditional VMSS + CheckPoint works wonderfully and it's great to forget sizing the just big enough sku. Once you get use to scalability is very difficult to go back.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.