Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
kb1
Collaborator

So we have a routing issue for ntp traffic

So we have 2 data centers and 1 checkpoint cluster(one active, one standby for each cluster) in each data center, in our new data center the ntp traffic goes out but the replies are probably going to the old data center since we use the exact same ip schema for both data centers, the outgoing ntp traffic is getting translated to the external vip of each cluster(which is the same for both clusters) and since the policy and ip schema is the same for both clusters the replies are going back to the old cluster, so how can we resolve this? Can some sort of configuration be made on the checkpoint side so that the ntp for the new cluster can get the replies back? or is this not possible?

Gaia version for both clusters - R80.20

 

Thanks.

0 Kudos
1 Reply
Maarten_Sjouw
Champion
Champion

Only way to achieve that is by using a different Hide NAT address, which is routed only to the new cluster.

Regards, Maarten
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events