This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Garrett_DirSec
Advisor
‎2024-02-01 10:58 AM

Bridge + DHCP server on Enterprise GAIA gateway (replicate Embedded GAIA, SPARK appliance)

Hello All --

For an exercise on potential config for customer, I was trying to replicate the "ease of use" features of Embedded GAIA (Quantum Spark) 1500-series appliance for use of (a) bridged LAN interfaces, and (b) DHCP server (to that LAN bridge group). 

During SPARK wizard setup, you have to option to leave LAN ports as switch (ie. bridge) allowing anyone to plug-in in device (one of LAN ports), grab IP, and hit the Internet.  

I'm trying to replicate this functionality on a full Enterprise gateway device.

***

My test unit is model 3200 gateway with R81.20 (with GA HFA).

Mgmt interface as EXTERNAL interface.    10.0.0.50/24

I create Bridge across "LAN" interfaces eth1-5.     Assign 192.168.1.254/24 to Bridge.

I attempt to enable DHCP service.   I pull subnet from BR1 (bridge).    I add pool 192.168.1.1-100.

When I attempt to enable (ie. click the enable box and save), I receive error that POOL must be created/included.   

The error seems non-nonsensical as it's obviously created. 

Am I trying to do this that's not possible?

However, since Embedded- and Enterprise- GAIA are so similar, I have to figure that Quantum Spark devices (like the 1500-series) are using something very similar to bridge, etc for their configuration.

What am I doing wrong?

Note:  once I get past this hoop, the obvious setup of fw policy is straightforward, etc.   thx.

 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2024-02-01 07:49 PM

Bridge mode only supports TWO interfaces on Gaia: https://support.checkpoint.com/results/sk/sk101371
Further, it’s meant to sent traffic to the other interface in the bridge.

0 Kudos
sloddo
Explorer
‎2024-02-13 10:23 AM
In response to PhoneBoy

Is there any way to replicate an SMB/Spark device's LAN port bridging (i.e, multiple (more than two) lan ports on the same network) on an enterprise device like a 3000?

0 Kudos
PhoneBoy
Admin
Admin
‎2024-02-14 04:55 PM
In response to sloddo

Officially, no, at least not in current versions.
I believe this will be supported in the R82 release.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events