This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Phianne_C133188
Explorer
yesterday

Check Point ElasticXL integration with FortiGate firewall

Hi, I am new to Check Point and I am currently planning for the deployment of two Check Point Quantum Force 9700 Plus Security Gateways running R82 with ElasticXL.

The two Security Gateways will be connected, each by a single link, to a FortiGate 101F firewall. So like:

FG port 1 -> CPSG01 eth2

FG port 2 -> CPSG02 eth2

However I am having difficulties understanding how the interfaces are supposed to be configured.

Based on my understanding, combining the two FortiGate links into a Layer 3 LACP bond is not viable because the two CP links are considered separate (based on this post I read https://community.checkpoint.com/t5/Firewall-and-Security-Management/ElasticXL-Bond-Aggregate-Behavi...).

However, I'm not sure if I can configure the two FortiGate links as a redundant interface (active/backup) either because the SMO might choose the non-pivot member to forward traffic, which means both links on the FortiGate will need to be up. In that case, would ElasticXL detect the active interface automatically and forward traffic over it accordingly?

Would appreciate if anyone has insights into how I could go about configuring the interfaces.

Thanks!

 

0 Kudos
1 Reply
simonemantovani
MVP Silver
MVP Silver
15 hours ago

Hello

on my side, is not clear the reason why you want to connect the two check point directly to the Fortigate; you need to put a couple of switches L2 between Fortigate and Check Point.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events