Hi CheckMates,
I’m seeking guidance and best practices for configuring the interfaces on a Check Point firewall (in trunk mode) to connect to two Cisco core switches running HSRP. The core switches handle all VLANs and ACLs, and each has a default route pointing to the Check Point firewall’s interface IP, which will be used exclusively for Internet access. The Check Point firewall will learn all internal networks via static routes pointing to the core switches.
Based on the documentation, the most suitable approach appears to be configuring a Bond interface on the Check Point in Active/Backup mode, with each physical interface connected to one of the core switches.
I understand that using a bridge interface is not viable in this setup, as Check Point does not support STP.