This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Rakesh1313
Explorer
‎2022-11-23 03:51 AM

Bypass network objects with Specific ISP

We have terminated two ISP on checkpoint firewall, using checkpoint Quantum 6200-P model, we want to bypass particular  network objects with Specific ISP but not able to find any option to configure the same.

Labels
0 Kudos
4 Replies
_Val_
Admin
Admin
‎2022-11-23 05:40 AM

Please elaborate. What do you mean, bypass particular network objects?

0 Kudos
PhoneBoy
Admin
Admin
‎2022-11-23 10:52 AM

Are you using ISP Redundancy? If so, you'd configure it there.
Otherwise, you can do it with Policy-Based Routing

0 Kudos
Rakesh1313
Explorer
‎2022-11-24 08:35 PM
In response to PhoneBoy

Yes, I am using ISP Redundancy we are using two ISP in load balancing.

Can you please explain in which option I can configure the same?

Awaiting for your reply on the same.

0 Kudos
Duane_Toler
Advisor
‎2022-11-23 02:32 PM

If you're asking about pinning specific traffic to a given ISP link, then sk56384 might help.  Otherwise, if you want traffic to specific hosts/networks to egress out a specific ISP link, then classic static-routes will be used here.  Hopefully you don't need to resort to PBR, but if so, then sk167135 could be used to apply a security policy (in SmartConsole) to PBR rules.

 

There are tons of limitations and restrictions with PBR, so read sk167135 VERY VERY carefully.  You should also be warned about PBR, which @PhoneBoy told me long ago:  Once your routing decisions go into PBR, then EVERYTHING stays in PBR.  Depending on your use-case, you may need to have a near-100% duplicate of your global routing domain inside your PBR domain.  #TreadCarefully #HereThereBeDragons

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events