This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
CaseyB
Advisor
‎2025-07-22 09:23 AM

OSPF P2P - R82.10

Configuring OSPF this morning on R82.10 Build 271.

It appears that when using P2P mode, OSPF learned routes still show-up as hidden / inactive. Per sk116500 OSPF Point-to-Point on Ethernet configuration/functionality is available on all appliances in R81.10 and above versions.

While the functionality is there, it appears you still need to go the extra step and create a route-map to get this to work. Is there any plan to remove this extra step or did I configure something wrong?

I switched it from P2P to broadcast and everything worked as I originally thought without extra steps.

(1)
6 Replies
cortnieg
Employee
Employee
‎2025-12-01 01:31 PM

Hi Casey,

Can you share the OSPF P2P configuration from each GW? On the GW with the inactive/hidden routes, please share the output of "show ospf database" and "show route all".

Thanks,

Cortnie

0 Kudos
(1)
CaseyB
Advisor
‎2025-12-02 05:42 AM
In response to cortnieg

I'll have to see about setting something up to get that for you. The firewall this was performed on has been in production for months now using broadcast. I still have a 3920 I have not deployed yet though.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2025-12-01 08:23 PM

Additionally, if you happen to have a TAC case open for this please share the SR so that we can follow-up internally.

CCSM R77/R80/ELITE
0 Kudos
(1)
gkhokhlov
Employee
Employee
Tuesday
In response to Chris_Atkinson

Hi @Chris_Atkinson and @cortnieg we have a SR 6-0004456069, our customer uses P2P with /31 mask due to RFC 3021, but OSPF routes hidden and we can't fix it. 
One recommendation that we received from RnD and TAC is "change your configuration from /31 to /30 or other, because both routers must be in same network". 

But the RFC says that /31 can be used.

Is there a more detailed explanation of the reasoning behind this or any specific recommendations?

Or does Check Point not support this standard?

 

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
Tuesday
In response to gkhokhlov

To be clear /31 usage and P2P networks are related but not the same requirement.

Suspect you will need to submit an RFE but you will need a workaround in the interim.

CCSM R77/R80/ELITE
0 Kudos
(1)
gkhokhlov
Employee
Employee
Tuesday
In response to Chris_Atkinson

Thank you! 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events