cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

Hello I've 3 external network interfaces, 2 of them are configured with ISP Redundancy, however I wish to route certain network objects to the third external network that is not in use, how I can do it?  thanks!

0 Kudos
1 Solution

Accepted Solutions
Danny
Pearl

Re: How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

This can be easily achieved via Policy Based Routing (PBR) in your Gaia WebUI. (sk100500)

7 Replies
Danny
Pearl

Re: How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

This can be easily achieved via Policy Based Routing (PBR) in your Gaia WebUI. (sk100500)

Re: How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

Hello thanks for the reply, However I tried to configure it on my firewall and after several hours I cant make it works, I'm posting an image of what I want to archive, hope someone can helps. thanks a lot.

0 Kudos
Admin
Admin

Re: How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

Policy-based Routing is not compatible with ISP Redundancy.

This is a limitation listed here: Policy-Based Routing (PBR) on Gaia OS 

0 Kudos
Danny
Pearl

Re: How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

So instead of using ISP Redundancy https://community.checkpoint.com/people/luisve906949e-c8df-328e-810c-76617a79eeb9‌ might want to consider switching his firewall setup to:

- a primary and a secondary ISP default gateway, based on priorities

- setup BGP/OSPF routing for his eth1 and eth2 links, if his ISP's support it

- upgrade his single firewall to a stacked one, where the internal firewall (FW) does the pbr and the external firewall (GW) does the isp redundancy

0 Kudos

Re: How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

Thanks

0 Kudos
Highlighted

Re: How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

Dameon Welch Abernathy‌ do we have any other alternate method to coexist ISP redundancy and  routing specific source traffic through specific ISP. System in use -CP 5600, OS- R77.30

0 Kudos
Admin
Admin

Re: How to configure NAT for a network object and route to a specific external port-ip

Jump to solution

Other than what Danny Jung‌ mentioned above, not that I'm aware of.