This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Kishorilal_CJ
Participant
‎2018-04-13 12:12 AM

Will Policy based routing process the admin Traffic

Hello

I have configured PBR towards management subnets through Management interface, where my remote authentication server and other administrative servers existed, apart from that I have default static route as well pointing to other interface.  when I try to authenticate the device using remote authentication protocols, it uses the static route rather PBR which is supposed to be preferable than static routes, here my question whether PBR  will process this kind of admin traffic originating from the device or something I configured improperly

7 Replies
PhoneBoy
Admin
Admin
‎2018-04-13 01:50 PM

It would be helpful to understand how you've configured it.

Screenshots or the like would be helpful.

0 Kudos
Kishorilal_CJ
Participant
‎2018-04-16 03:37 AM
In response to PhoneBoy

Hello

Please find the configuration for PBR

#################################################################

set pbr table Mgmttraffic static-route X.X.X.0/24 nexthop gateway address GWIP on
set pbr rule priority 1 match from Y.Y.Y.Y/32
set pbr rule priority 1 action table Mgmttraffic

################################################################

Where

X.X.X.0/24 - Managemt Subnet NW
Y.Y.Y.Y - Device Mgmt IP where traffic originates

0 Kudos
PhoneBoy
Admin
Admin
‎2018-04-16 05:29 AM
In response to Kishorilal_CJ

Can you verify (with tcpdump) the traffic is originating from that IP?

0 Kudos
Kishorilal_CJ
Participant
‎2018-04-16 05:43 AM
In response to PhoneBoy

Yes, Its

0 Kudos
Kishorilal_CJ
Participant
‎2018-04-16 05:57 AM
In response to Kishorilal_CJ

hostname was wrongly registered with old IP since its new device & configuration has been used from old device

0 Kudos
PhoneBoy
Admin
Admin
‎2018-04-16 07:54 AM
In response to Kishorilal_CJ

So does that mean the problem is resolved or you are still having the issue?

0 Kudos
Kishorilal_CJ
Participant
‎2018-04-16 10:46 PM
In response to PhoneBoy

Yes It was resolved.. thanks for your time Smiley Happy

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events