Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
D_W
Advisor
Jump to solution

GRE in Cluster environment

Hi Mates,

target: establish GRE Tunnel between a R81.10 Cluster and  a Linux Server by following sk169794 

Issue: in the underlay traffic (local IPs) always the cluster members IP is answering and not the Cluster IP!
In the screenshot you can see the remote peer 192.168.2.1 tries to reach the CP Cluster IP with 192.168.1.1 but the CP Member IP with 192.168.1.2 is answering. Is this by design?

image.png

With this the GRE is not working because we assume the Remote System doesn't know what to do with the cluster members IP. When we set it up like a single GRE it works!

KR
David

 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

I believe this is supposed to NAT behind the cluster address, as you can see here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
In any case, I suspect this is a bug and the TAC will be needed to assist with this.

View solution in original post

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

I believe this is supposed to NAT behind the cluster address, as you can see here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
In any case, I suspect this is a bug and the TAC will be needed to assist with this.

0 Kudos
D_W
Advisor

Just wanted to give an update about the TAC case... TAC is still in research 🤧

0 Kudos
D_W
Advisor

Just wanted to update:
We needed an own NAT Rule so that the response from the ClusterMembers are changed to the ClusterVIP.
That was the first we tried but however the NAT rule took a few hours till it matched/become active 😖

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events