This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
michaelyang123
Explorer
22 hours ago
Jump to solution

About ISP Redundancy monitor

Hello Expert,

 

When I tested ISP Redundancy, I found that it is not compatible with PBR.

Here is structure.

1.PNG


So I changed to use two next hops on the static route, and use priority to divide the primary and the secondary.

2.PNG

I found out that the only way to checkpoint to make sure the route works is to make sure the next hop is viable.

For example, if I turn off Gi0/0 on S3 it switches to the second line for service, but if I turn off Gi0/1 on S3 the checkpoint continues to the first line without switching.

Is there a way to configure the first line to ping the IP of the external network? (transparent monitor)
For example, ping 8.8.8.8 through 30.30.30.30 to make sure that this line can reach the external network.


Thanks

Preview file
35 KB
0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin
20 hours ago
Jump to solution

According to sk167135, PBR is not supported with ISP redundancy.

View solution in original post

0 Kudos
5 Replies
_Val_
Admin
Admin
20 hours ago
Jump to solution

Before anything else, can you please state the appliance model and SW version in use?

0 Kudos
_Val_
Admin
Admin
20 hours ago
Jump to solution

According to sk167135, PBR is not supported with ISP redundancy.

0 Kudos
michaelyang123
Explorer
19 hours ago
In response to _Val_
Jump to solution

Hi @_Val_ ,

Thanks for your reply.

I know PBR is not supported with ISP redundancy.

So I changed to use two next hops on the static route, and use priority to divide the primary and the secondary.

Is there a way to configure the first line to ping the IP of the external network? (like transparent monitor)
For example, ping 8.8.8.8 through 30.30.30.30 to make sure that this line can reach the external network.

---

All my device models are VE.

 

0 Kudos
PhoneBoy
Admin
Admin
16 hours ago
In response to michaelyang123
Jump to solution

I believe this will do what you're after: https://support.checkpoint.com/results/sk/sk102848 

0 Kudos
michaelyang123
Explorer
16 hours ago
In response to PhoneBoy
Jump to solution

Hi @PhoneBoy ,

I didn't use ISP redundancy because it's not compatible with PBR.

---

According to my setup

I thought the setup was to ping 8.8.8.8 via this path (30.30.30.30), but it turns out it is just the device that has to ping 8.8.8.8, regardless of the path!

3.PNG

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events