This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jvillar
Participant
3 weeks ago

Loss of routes when upgrading

In my network I have access to the Internet for users and access from the outside to the public services that we have published on the Internet. In Policy Based Routing I have defined as the default route the IP of the outbound router to the internet of the users. In IPv4 Static Routes, I have defined the IP of the router accessing the servers as the default route. And everything works correctly. Users exit through the IP defined in Policy Based Routing and servers, if they have to go to the Internet, exit through the IP defined in IPv4 Static Routes.

When I proceed to install the Bundle_T89, the users' egress to the Internet stops working and when I trace from a computer I see that it is leaving through the IP defined in IPv4 Static Routes (the router for access from the outside) instead of the one defined in Policy Based Routing. It's like the rules defined in Policy Based Routing disappear or asymmetric routing is occurring

The other times I've updated this never happened to me. Any ideas?

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
3 weeks ago

Are the routes still listed in the configuration and not being enforced?
Suggest involving TAC here, in any case.

0 Kudos
the_rock
Legend
Legend
3 weeks ago

We had something similar happen with a customer few years ago and it turned out to be ISP redundancy related. Do you use that at all?

Andy

0 Kudos
AkosBakos
Leader Leader
Leader
3 weeks ago

Hi @jvillar 

My first idea, did you save the configuration? It is trival, but I would like to ask it 🙂

Otherwise the TAC will be a solution.

Akos

----------------
\m/_(>_<)_\m/
0 Kudos
CheckMatesAI
Bot
3 weeks ago

Admin Note: This answer came from AI Copilot

It seems that after installing Bundle_T89, the Policy Based Routing (PBR) rules are not being applied as expected, causing traffic to follow the default route set in IPv4 Static Routes instead. This issue might be related to how PBR interacts with the system's routing tables after an upgrade.

Here are a few steps you can take to troubleshoot and potentially resolve this issue:

  1. Verify PBR Configuration: Ensure that the PBR rules are still correctly configured after the upgrade. Sometimes, configurations might not carry over properly during an upgrade.

  2. Check for Known Issues: Review the release notes or any known issues related to Bundle_T89 that might affect PBR. It's possible that there are specific changes or bugs introduced in this bundle.

  3. Routing Table Priority: Confirm that the PBR rules have higher priority over the static routes. PBR should take precedence over static routes if configured correctly.

  4. Logs and Diagnostics: Check the system logs for any errors or warnings related to routing or PBR. This might provide insights into why the PBR rules are not being applied.

  5. Reapply PBR Rules: Sometimes, reapplying the PBR rules can resolve issues where they are not being recognized. Remove and then re-add the PBR rules to see if this resolves the issue.

  6. Consult Check Point Support: If the issue persists, it might be beneficial to contact Check Point Support for further assistance. They can provide more detailed troubleshooting steps or a hotfix if this is a known issue.

If you need further assistance or have additional questions, feel free to ask!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events