This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Timothy_Hall
MVP Gold
MVP Gold
‎2023-02-24 11:27 AM
In response to Ed_Eades

What you have found aligns perfectly with the behavior you are seeing.

I can't see why a Netscaler or any other device would try to use or take over another system's MAC address, unless you got extremely unlucky and the Netscaler and the cluster happened to dynamically derive the exact same VMAC address for their use.  Here is how the Check Point cluster computes the VMAC to use:

First 24 bits

Unique constant value.

00:1C:7F

Next 8 bits

VSX Virtual System ID.

  • In a VSX Cluster:

    Virtual System ID

  • In a non-VSX Cluster

    000000000

Last 16 bits

Unique value that the Management Server

Timothy_Hall_0-1677266831239.gif

 

assigns to each cluster object.

This makes the VMAC value unique for each managed cluster.

Unique value for each cluster
New Book: "Max Power 2026" Coming Soon
Check Point Firewall Performance Optimization
(1)
Who rated this post