This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Khanh134752
Explorer
3 weeks ago

enable asynmetric routing firewall checkpoint

Dear experts
Currently running Cisco Firepower 2110 Model, using the configuration for 3 Public lines is still running normally but replacing CheckPoint firewall is an error. Traffic flow usually sets the host file at all 3 public IPs is still in normal service Traffic when changing the CheckPoint firewall to the client is only called in the direction that the CheckPoint Firewall is setting the data at the lowest level (As shown below) I don't know if the CheckPoint Firewall has a mechanism to check the entire stateful routing table before it can pass, right? At Cisco firewalls, the processor follows the previous Statefull table, the system operates normally. If that's true, is there a way to make the CheckPoint Firewall work like the Cisco Firewall?

Preview file
152 KB
0 Kudos
2 Replies
emmap
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
3 weeks ago

If I'm following, I don't think there's a way to do it in a single routing instance, but if you used VSX to split the system into 3 instances (VRFs, basically) then it may be workable that way.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
3 weeks ago

You might be able to use PBR to help, otherwise the Check Point would probably need to be doing the NAT based on Security Zone?

Otherwise you have the solution as indicated by Emma.

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events