- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
For lab testing, is it possible to set up VSX on a VMWARE ESXi server?        I'd like to test some things out without having to build up lots of servers. 
I was able to install it, but when it goes to run it does not complete loading.. and crashes...
It seems to crash for me. :-()
I've build the complex VSX environments running R77.30 on ESXi's in the past.
There were never any stability issues.
I'd recommend performing an ISO installations and not using prepackaged OVFs for it.
If you are building R80.20, depending on the version of Linux you are chosing, you may have to specify alternate Storage controller option.
Additionally, do not forget about setting promiscuous mode, forged transmits and MAC address changes in the portgroup connected to the VSX .
I ran into this on a freshly installed 6.7 ESXi instance and R80.10 (non-VSX) gateways.
Forged transmits was disabled by default, and I couldn't get the cluster to come up and see each other until I enabled it on all vSwitches.
Hi, can you clarify if this is still the case? Because I asked for "official" clarification from TAC and got an unexpected answer.
What precisely were you told?
I asked a very clear question - was VSX on R80.20 on VMware supported for production use, and I was told very clearly that it was supported. I have requested clarification because I did not expect this answer, I expected the opposite. This is not an idle question, I have a very compelling use case for a customer, so I need to have an official support statement yes/no.
To avoid ambiguity here is the reply from TAC:
VSX is supported on VMware ESXi for R80.20 Gaia. For more information, you can refer to the R80.20 release notes
I've been running VXS in ESX since R67.. till R80.30. Emulating our production boxes in the lab. Never had any problems building them or pushing policies. The only problem we encountered was when production box had bond interface - that part did not work in real tests to push traffic through. You cheat with interface names and I didn't have enough time to play long enough with it. But o believe it would work with no issues if you are not configuring bonds on gateway VM. There's a really good SK article how to set correct parameters on ESX. I know it's for Mgmt but I'm sure you can logically apply it to a GW. Just search SKs 🙂
sk175624: "On VMWare ESXi, it is supported to run Check Point CloudGuard gateways and clusters in VSX mode."
Regardless, outside of a lab or ACI I'm not sure I see the benefit of doing so.
There's a certain amount of overhead & consolidation / failure domains that are best avoided for a production setting imo.
Depending on the environment, price/performance and the benefits of a hypervisor (abstraction from the hardware removes driver issues, ability to snaphot for upgrades or backups).
Appreciate the general Vmware benefits, but why is this relevant to VSX specifically & preferred versus other VE/IaaS gateway types.
Interested to hear your thoughts.
It's not specific, but one of the benefits of VSX is a single GAiA install for multiple gateways. CG IaaS on VMware ESXi is attractive overall, VSX via CG IaaS on VMware has the same advantages. With changes coming to VSX with provisioning via the gateways and extensions to GAiA APIs VSX may offer less advantages over time - although there's still some economy of scale.
 
					
				
				
			
		
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count | 
|---|---|
| 23 | |
| 20 | |
| 13 | |
| 10 | |
| 9 | |
| 9 | |
| 7 | |
| 7 | |
| 6 | |
| 5 | 
Tue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionThu 30 Oct 2025 @ 03:00 PM (CET)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEAThu 30 Oct 2025 @ 11:00 AM (EDT)
Tips and Tricks 2025 #15: Become a Threat Exposure Management Power User!About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY