Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Wolfgang
Authority
Authority

adding PBR routes via API / CLI

Hello CheckMates,

does anyone knows a way to add a bunch of PBR routes (PolicyBasedRouting) to a virtual-router object under VSX.

VSX provisiong_tool does the job perfect for normal routes but PBR ?

Thanks

Wolfgang

0 Kudos
2 Replies
HeikoAnkenbrand
Champion Champion
Champion

Hi @Wolfgang,

I found this for R80.40. Maybe this will help:

Support for Policy-Based Routing (VSX)

PBR can be configured only on Virtual Routers in the SmartDashboard. When VSX mode is enabled, Gaia Portal is disabled on Security Gateway as it is not supported in VSX mode, and the Clish command "set pbr" command is disabled for Virtual Systems. Furthermore, configuration in the SmartDashboard supports only Source Address and Mask, and Destination Address and Mask.

Notes:

  • Virtual Router is not compatible with VSLS.
  • In VSX mode, PBR supports Source IP, Destination IP and Interface, but not the additional parameters (service port and protocol) that were added starting in R77.30.
  • R80.40:

    PBR can be configured on Virtual Routers only in SmartConsole. PBR can be configured on Virtual Systems only in Gaia Clish

For more informations read this sk: Policy-Based Routing (PBR) on Gaia OS 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos
Wolfgang
Authority
Authority

Thanks @HeikoAnkenbrand,

these are really good news. I did not realized these small change. With R80.40 PBR is possible on virtual-systems not only on virtual-router.

We are using the virtual-router only because of the PBR routes, without we can use VSLS.... This is very nice. Do you have any experience with PBR on a virtual-system?

Problem ,we need the new PBR routes now and an upgrade to R80.40 will be not done in a day 🤔

Wolfgang

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events