This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
RKinsp
Contributor
2 weeks ago

Centrally Managed SMB / Spark with Dual WAN fixed IP MGMT best practice question

Good morning everyone!

We are deploying a new network with about 15 locations with Quantum Spark and a central site with regular Quantum gateway and an SMS.  Most locations will have two fixed IP WAN addresses.

When adding the spark to the SMS for the first site we used a fixed address but the SMS prompt suggested we set it as DAIP because of the dual WAN. We switched that around and set it to DAIP by removing and re-adding, but the issue now is that the status on the SMS is never shown correctly. Everything else works fine.

Just wanted to get insight on this scenario from the group.

If you have dual WAN remote gateways, is it better practice to managed as DAIP or through one of the fixed IPs?

If you do manage through one of the fixed IPs, what are the downfalls? (other than the obvious lack of management when on the redundant link). Will VPN work with both IPs?

On a side note, we will also be using the cloud managed SD-WAN feature.

Thanks,

RK

0 Kudos
2 Replies
PhoneBoy
Admin
Admin
2 weeks ago

I wonder if this SK will resolve the monitoring issue with DAIP gateways: https://support.checkpoint.com/results/sk/sk170881

0 Kudos
RKinsp
Contributor
2 weeks ago
In response to PhoneBoy

Currently we have not configured VPN yet. It is the gateway status that is now showing.  Also, when trying to "Get Interfaces" we get a "Failed to Resolve DAIP Object" error, so we cannot automatically update interface changes.

This issue might be because we are in a recent version of FW - R81.10.10 (996002845) for the Quantum Spark and R81.10 for the SMS (Take 130).

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events