Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
clemylton
Explorer

Multiple internet links

Hi guys

I have 4 servers on my LAN, protected by the checkpoint. And I have 4 internet links. how could i configure the servers to navigate the internet using only one of each link? what features should i use?

I need that each must have its exclusive access to the Internet using only one of the links.

Can someone help me?

 

Thanks!

 

 

 

 

0 Kudos
9 Replies
PhoneBoy
Admin
Admin

That largely depends on what Check Point product you have and version/JHF level.
But I would assume it would involve policy-based routing.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

I second that, look here:

sk100500: Policy-Based Routing (PBR) on Gaia OS

sk167135: Policy-Based Routing and Application-Based Routing in Gaia

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
clemylton
Explorer

Hi,

Thanks for your reply. Im running R80.40. Im very confused about static routes and PBR.

All my internet links are configured in my default route. I've tried several configurations using PBR but no success so far.

My doubt is how to set one especific internet link as gateway for a specific server.

0 Kudos
PhoneBoy
Admin
Admin

If you can provide a bit more details about your precise networking configuration and precisely what you’ve tried, we might be able to provide more precise guidance as to what to do.

0 Kudos
clemylton
Explorer

Hi,

Consider de image below, please;

CP.PNG

I need the traffic from server 1 to be routed only through link 1 (inbound and outbound), and so for the other servers too;

Server 1 <-in and out-> Link 1

Server 2 <-in and out-> Link 2

Server 3 <-in and out-> Link 3

Server 4 <-in and out-> Link 4

 

This is my default route;

default route.PNG

 

And these are my PBR configurations;

PBR.PNG

These PBR are working just to temporary external access. I'll remove them as soon as i understand how can i set it all up.

PS: Sorry, i'm just trying to be as clear as i can.

 

Thanks!

0 Kudos
PhoneBoy
Admin
Admin

What's not clear from the above is what precise interfaces are available and how they relate to the servers (less relevant) and the Internet connections (most relevant). 
Is this correct that all four internet links are available from the same PPPoE interface?

0 Kudos
clemylton
Explorer

Oh, ok.

So, i have one internet link for each interface respectivelly;

Link 1 -> eth0

Link 2 -> eth3

Link 3 -> eth6

Link 4 -> pppoe1

I created only the default route containing all four gateways just to have Internet redundancy.

0 Kudos
clemylton
Explorer

Hi guys,

 

Any ideas? I'm really stuck.

Any help will be much appreciated!

0 Kudos
PhoneBoy
Admin
Admin

Where are the routes for the specific sources to "any" in the above?
If you want a specific source to use a specific default route, it starts there.
You may also need NAT rules for each server so the return traffic comes to an IP served by the correct ISP.
If you don't want to go through the precise details in public, I recommend discussing with the TAC.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events