Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Amir_Arama
Advisor

Return packet from the same interface ?

Hi,

i want to know if there is support in checkpoint fw to return packet from the same interface original packet was received. specifically for 2 ISPs, without enabling isp redundancy.

i know there is sdwan module in development, but i don't know when it will be available as GA/EA.

0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee

Is there any NAT or PBR involved, what is the direction of the traffic flow - External to DMZ?

CCSM R77/R80/ELITE
0 Kudos
Amir_Arama
Advisor

Hi,

i'm talking about inbound internet traffic for dmz published servers.

so for example our company website which has public ip's from both isp's and NLB does the GSLB, so one user can access 1st isp Nat IP, and other user might access 2nd isp Nat IP.

the FW does the Nat from public to private dmz ip.

how can i verify that if user A get through isp A, the return packet to user will go out through isp A, and the same for isp B.

 

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Sounds like a use case for PBR depending on your enabled blades.

What is the current routing setup for each ISP link, default route via only one or both?

CCSM R77/R80/ELITE
0 Kudos
Amir_Arama
Advisor

sorry for the late response. Current setup default route to one isp

With pbr for specific traffic to the other isp's

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events