This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
SomAustrianCity
Participant
‎2025-04-30 04:53 AM
Jump to solution

ISP Redundancy and dynamic routing

Hi

I'm evaluating my current setup for my outgoing traffic (aka internal users accessing the internet).

I noticed that there is a feature called ISP Redundancy, which would allow me to have two uplinks. But i noticed that various documentations say, that i can't use the redundancy when i have dynamic routing protocols in use.

But if i don't use OSPF to learn the default route, would these feature still clash?
For example, if i either only announce routes (eg a default route into the internal network) or learn smaller routes from other devices (eg 192.168.0.0/24 from some router).


These are the mentioned KBs:

R81.20 ClusterXL Administration Guide

Important - ISP Redundancy is not supported if Dynamic Routing is configured (Known Limitation PMTR-68991).

R81.20 ClusterXL AdminGuide 

 

Known Limitations for Scalable Platforms R80.20SP - R81.20 (Maestro Appliances and Chassis)

PMTR-68991 - Scalable Platforms do not support ISP Redundancy if Dynamic Routing is configured (because the ISP Redundancy feature must create a static default route that overrides the default route created by dynamic routing)

sk148074 

Thank you.

Labels
0 Kudos
1 Solution

Accepted Solutions
the_rock
Legend
Legend
‎2025-04-30 05:11 AM
Jump to solution

I could have sworn there was a different sk about this, but they may had integrated into one you mentioned. I know we configured BGP for a client while ago and also enabled ISPR on 6400 model and works fine since 2021, no issues. Its possible was supported back then : - )

Andy

View solution in original post

0 Kudos
2 Replies
the_rock
Legend
Legend
‎2025-04-30 05:11 AM
Jump to solution

I could have sworn there was a different sk about this, but they may had integrated into one you mentioned. I know we configured BGP for a client while ago and also enabled ISPR on 6400 model and works fine since 2021, no issues. Its possible was supported back then : - )

Andy

0 Kudos
Lesley
Authority Authority
Authority
‎2025-04-30 08:00 AM
Jump to solution

Known Limitation PMTR-68991 not present here for R81.20

https://support.checkpoint.com/results/sk/sk174965

It does show for R81.10 

https://support.checkpoint.com/results/sk/sk166717

The R81.20 guide still shows the limitation in the documentation:

https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SecurityGateway_Guide/Conten...

So Check Point either has to change the know limitations page for R81.10 and R81.20 or change the admin guides. 

Sorry not able to help further. This needs to be an official statement. 

 

-------
If you like this post please give a thumbs up(kudo)! 🙂

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events