cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Blackhole static routes in VSX

I am trying to advertise a non-connected network on the checkpoint virtual system in OSPF. Usually we would just add a blackhole/null0 static route and redistribure that in OSPF but I cannot find a way to add this type of static route in VSX

Can you point me in the right direction please or if there is a better way to advertise this in OSPF

Also how do I go about configuring a loopback interface in VSX ?

Many thanks

5 Replies
Admin
Admin

Re: Blackhole static routes in VSX

From clish, you should be able to add a loopback interface: add interface lo loopback <IP Address>/<Mask>

See also: Gaia Advanced Routing R80.10 Administration Guide 

0 Kudos

Re: Blackhole static routes in VSX

Many Thanks Dameon; however the command is not available in clish (note this is VSX gateway)

fw1> add interface lo loopback 10.1.1.1 255.255.255.255
CLINFR0329  Invalid command:'add interface lo loopback 10.1.1.1 255.255.255.255'

fw1> add
aaa              - Authentication authorization and accounting
allowed-client   - Add allowed client
arp              - Add ARP entries
backup           - Start a backup of the system
backup-scheduled - Determine the type of scheduled-backup of the system
bonding          - Configure bonding interfaces
cloning-group    - Configure Gaia Cloning Group
command          - Add extended command.
cron             - Add new scheduling for a command
dhcp             - Configure or view DHCP settings.
group            - Specify group name
host             - Static host configuration
netflow          - NetFlow export of traffic information
rba              - Role-based administration configuration
snapshot         - Take snapshot
snmp             - Simple Network Management Protocol Information
syslog           - System log configuration
upgrade          - Upgrade of Check Point OS and Products
user             - A user name
vpn              - vpn configuration

Any ideas for VSX ?

Also what about the blackhole route piece ?

0 Kudos
Vladimir
Pearl

Re: Blackhole static routes in VSX

Have you tried adding the loopback to the VSX itself and then choosing it from the VS context?

0 Kudos

Re: Blackhole static routes in VSX

Sorry for the late response.. but i have tried to add it via VS0 but unable to do so..

vsxgw1:TACP-15:0> add interface lo loopback 10.1.1.1/32
CLINFR0699  Invalid command.

Any more ideas ?

0 Kudos
Vladimir
Pearl

Re: Blackhole static routes in VSX

I believe that you supposed to perform "set vsx off" before adding new interface and "set vsx on" once it is done.

0 Kudos