This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
clemylton
Explorer
‎2021-01-21 11:12 AM

Multiple internet links

Hi guys

I have 4 servers on my LAN, protected by the checkpoint. And I have 4 internet links. how could i configure the servers to navigate the internet using only one of each link? what features should i use?

I need that each must have its exclusive access to the Internet using only one of the links.

Can someone help me?

 

Thanks!

 

 

 

 

0 Kudos
9 Replies
PhoneBoy
Admin
Admin
‎2021-01-21 06:18 PM

That largely depends on what Check Point product you have and version/JHF level.
But I would assume it would involve policy-based routing.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2021-01-22 01:21 AM
In response to PhoneBoy

I second that, look here:

sk100500: Policy-Based Routing (PBR) on Gaia OS

sk167135: Policy-Based Routing and Application-Based Routing in Gaia

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
clemylton
Explorer
‎2021-01-22 09:17 AM
In response to PhoneBoy

Hi,

Thanks for your reply. Im running R80.40. Im very confused about static routes and PBR.

All my internet links are configured in my default route. I've tried several configurations using PBR but no success so far.

My doubt is how to set one especific internet link as gateway for a specific server.

0 Kudos
PhoneBoy
Admin
Admin
‎2021-01-22 09:26 AM
In response to clemylton

If you can provide a bit more details about your precise networking configuration and precisely what you’ve tried, we might be able to provide more precise guidance as to what to do.

0 Kudos
clemylton
Explorer
‎2021-01-22 10:03 AM
In response to PhoneBoy

Hi,

Consider de image below, please;

CP.PNG

I need the traffic from server 1 to be routed only through link 1 (inbound and outbound), and so for the other servers too;

Server 1 <-in and out-> Link 1

Server 2 <-in and out-> Link 2

Server 3 <-in and out-> Link 3

Server 4 <-in and out-> Link 4

 

This is my default route;

default route.PNG

 

And these are my PBR configurations;

PBR.PNG

These PBR are working just to temporary external access. I'll remove them as soon as i understand how can i set it all up.

PS: Sorry, i'm just trying to be as clear as i can.

 

Thanks!

0 Kudos
PhoneBoy
Admin
Admin
‎2021-01-22 10:13 AM
In response to clemylton

What's not clear from the above is what precise interfaces are available and how they relate to the servers (less relevant) and the Internet connections (most relevant). 
Is this correct that all four internet links are available from the same PPPoE interface?

0 Kudos
clemylton
Explorer
‎2021-01-22 10:23 AM
In response to PhoneBoy

Oh, ok.

So, i have one internet link for each interface respectivelly;

Link 1 -> eth0

Link 2 -> eth3

Link 3 -> eth6

Link 4 -> pppoe1

I created only the default route containing all four gateways just to have Internet redundancy.

0 Kudos
clemylton
Explorer
‎2021-01-28 06:23 AM
In response to clemylton

Hi guys,

 

Any ideas? I'm really stuck.

Any help will be much appreciated!

0 Kudos
PhoneBoy
Admin
Admin
‎2021-01-28 08:43 AM
In response to clemylton

Where are the routes for the specific sources to "any" in the above?
If you want a specific source to use a specific default route, it starts there.
You may also need NAT rules for each server so the return traffic comes to an IP served by the correct ISP.
If you don't want to go through the precise details in public, I recommend discussing with the TAC.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top