AnsweredAssumed Answered

How to configure Symmetric Return with using ISP Load Sharing

Question asked by Longson Ho on Apr 18, 2018
Latest reply on Apr 26, 2018 by Longson Ho



If my client has CP FW, two external interfaces, each connected to two ISP links (with public ip adderss A and B) and using ISP Load Sharing mode, and one interface connected to internal and protecting server.


For public to access the internal server, it will first resolve the domain name (assume having external DNS server to respond) to IP address A or B, ingress to check Point  FW, perform Dest-NAT to the internal server ip. 


How we can configure the FW so that the return traffic from the server will follow the same inbound interface (Symmetric Return) which the session created, and perform hide NAT using the same inbound interface?


Thank you!