Secure the GenAI Revolution!
The All-New GenAI Security from Check Point
Transform Your Data Center Management:
The Power of Check Point's MFaaS
Forwarding Events to 3rd-party SIEM
Help us with the Short-Term Roadmap
Mastering Endpoint Security -
Best Practices for 2024
CheckMates Toolbox Contest 2024
Make Your Submission for a Chance to WIN up to $300 Gift Card!
CheckMates Go:
Recently on CheckMtaes
Hi,
Indeed, this is basic limitation.
We already have the fix for it. So the return (s2c) packets will be routed back from the same ISP the connection (c2s) originally came through.
it should be merged into JHF that will be released in the next month or so for GAIA.
As a temp workaround:
If you need the redundancy to the server works as active/backup, you can just set two default routes on your GAIA with different priorities, with "IP Reachability Detection" configured (if you want to probe the line. Otherwise just with "ping on"). So once main line is dead, the active route would be the second ISP, and then the server would be accesible through it.
In case you need it to be accesible in parallel via multiple ISPs, i afraid only your PBR idea can work.
Let me know if you need further assistance,
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
