Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vincent_Bacher
Advisor
Advisor

management interface of gateway in different subnets?

Hi mates,

customer plans to deploy a CP cluster at two different sites, where all vlans are same but management interface, they are planned to be in different subets. They are asking if this would work.
This topology view of a demo session shows what i would do

management-if.png

Questions:

  1. does that really work?
  2. is this a supported setup?

Did not find anything int the kb or here.
Anyone configured this already in the past and can tell? Or any sk appreciated as well.

 

Cheers
Vincent

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
0 Kudos
2 Replies
HeikoAnkenbrand
Champion Champion
Champion

In a ClusterXL all cluster interfaces with a VIP must be in the same L2 subnet. Why should the management interface be deployed in different L2 and L3 networks? That doesn't make any sense. 

In theory, it should work. In Azure and AWS the management interface also have different L3 IP addresses  / networks. The question is, is this supported. 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos
PhoneBoy
Admin
Admin

The management interface doesn't have a shared IP and isn't relevant as far as clustering goes, provided you mark the interface as private.
R80.40 allows for clusters where the members are in different subnets entirely (even the "clustered" interfaces) but there is no shared IP in this situation.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events