I was trying to figure a way to build a DAIP SMB cluster that is centrally managed.
This is actually as it seems not supported because the Cluster object on management side is missing the Dynamic IP box.
However i was wondering if there is really a technical reason why this does not work on a topology where the Dynamic IP sits on a 3rd party Router and the Checkpoint Cluster is behind it.
As far as i understand the DAIP gateways will only fetch the policy and the Logging is also outbound so it would actually not be much different from a single gateway setup with DAIP on 3rd party device.
Has some one tried this? does this make sense?