This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
dkurochkin
Participant
‎2022-02-07 12:14 PM

maestro and sms open server

Hello team !

q:
For create security group need to specify management interface (1-4 interfaces in the MHO); this is physical interface for connect the MHO (maestro) and SMS (Security Management Server).
Without this interface, you cannot create security group; this interface will be used to install security policies.

In my case, I have SMS virtual, open server VMWARE.

1. How to can create security group, if I do not have and cannot have a physical interface?
2. Can MHO work with SMS Open Server? Is there an SK where this is described?

sorry for my english

 

thx

0 Kudos
5 Replies
G_W_Albrecht
Legend
Legend
‎2022-02-07 12:44 PM

Also ESXi has ports - map one to a physical port and connect the VM SMS to it. Maestro works with any SMS, see 

Quantum Maestro R81.10 Administration Guide.

CCSE CCTE CCSM SMB Specialist
0 Kudos
dkurochkin
Participant
‎2022-02-07 12:53 PM
In response to G_W_Albrecht

Thx for your answer

 

My maestro version 80.20 sp 

 

For connecting esxi host and maestro needs direct connection  or allowed connection via switch?

 

 

 

0 Kudos
Wolfgang
Authority
Authority
‎2022-02-07 01:04 PM
In response to dkurochkin

Yes, you can use switch. Connect your MHOs management ports and your ESXi to the switch, same VLAN and IP subnet or you have to use a routing instance if in different subnets.

0 Kudos
G_W_Albrecht
Legend
Legend
‎2022-02-07 01:07 PM
In response to dkurochkin

Whatever - same as with usual GWs but to MHO.

CCSE CCTE CCSM SMB Specialist
0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-02-07 07:21 PM

Please note the limitation described in another of @Wolfgang 's prior threads here.

To avoid the issue ensure the Security Group either isn't the default gateway for the management network itself or explore the alternative as described.

https://community.checkpoint.com/t5/Maestro/Maestro-limitation-connections-going-through-data-and-ma... 

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
 
Upcoming Maestro Events

    CheckMates Events