This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
reno138
Explorer
‎2023-04-07 07:08 PM
Jump to solution

3rd party firmware - IP moving

Hey all 

First post here, and this probably isn't a unique situation, but I can't seem to figure out what's going on...

 

I bought a used 4600 (I think), it's for sure it s T160 model. 

I bought it to use with VyOS. 

I chose this because I read about a few others using it, and comparable hardware from Lanner or netgate is quite expensive.  

I was able to install VyOS white easily, and it was ready to start the config. I set the eth1 to my internal ip, 172.26.1.1/24. Port 2 (eth1) was responding it pings and I wanted to move on. However, I wanted to set up a second IP while I was getting the config entered as to not conflict with the existing gateway. 

At that point I had 3 cables plugged in, and set an IP on port 3 (eth2) as 172.16.5.60.

I unplugged port 2 (eth1) and went back to my PC to continue the config entry. 

As expected, the ping replies and stopped. 

But then the weirdest thing happened. 172.26.5.1 started responding again about 10 seconds after unplugging the cable from the port it was configured on. 

 checked, and sure enough it was responding on the port with the correct MAC address for port 3 (eth2). 

So, somehow, without any failover config, this IP address failed over to another port. At least, no software config within vyos. 

I tested this a few more times with multiple ports and it did the same thing every time. 

Is there some sort of hardware thing on these systems that would cause this? And if so, can it be disabled?

I've never worked with checkpoint hardware before, so I'm very confused. 

 

TIA 

--reno

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2023-04-07 07:31 PM
Jump to solution

Check Point appliances are purpose built to run the Quantum Security Gateway software only.
All other uses of our hardware are unsupported.

Having said that, I'm not aware of any function in our hardware that would cause the issue you describe to occur.
Even if there is, it'd be in the BIOS, the settings for which are not accessible to users.

View solution in original post

0 Kudos
2 Replies
PhoneBoy
Admin
Admin
‎2023-04-07 07:31 PM
Jump to solution

Check Point appliances are purpose built to run the Quantum Security Gateway software only.
All other uses of our hardware are unsupported.

Having said that, I'm not aware of any function in our hardware that would cause the issue you describe to occur.
Even if there is, it'd be in the BIOS, the settings for which are not accessible to users.

0 Kudos
reno138
Explorer
‎2023-04-07 09:08 PM
In response to PhoneBoy
Jump to solution

Oh. Yes. I'm completely aware that this is wholly unsupported. And I really appreciate you taking the time to respond at all. 

I was also afraid that would be the answer. It's so strange that it's happening without any software or hardware  config directing it to do so.  At this point it was more lire curiosity than anything else that brought me to post here, because it SO weird that the IP moves to a new nic, is using that new NICs MAC, and nothing I can find is telling it to do so. I'm really starting to wonder if it's something on my switch that's updating the MAC associated with the IP and it has nothing to do with the checkpoint hardware

Oh well. Back to the hunt.

 

Thanks again!

0 Kudos
Trending Discussions
Wednesday laugh
Upcoming Events

    CheckMates Events