Creating Checkpoint VSX and Virtual System – Part 2 – VSX Deployment Example

VSX双虚拟防火墙配置

最新推荐文章于 2024-08-27 16:59:35 发布

原创最新推荐文章于 2024-08-27 16:59:35 发布 · 105 阅读

0 ·

CC 4.0 BY-SA版权

本文介绍了一种典型的VSX部署场景：一个共享外部接口连接互联网，每个VSX虚拟防火墙配备单独的内部接口。通过创建两个VSX虚拟防火墙及虚拟路由器，并使用不同网络进行流量测试。

10-3-2014%2B10-36-29%2BPM.png?resize=200%2C137

This lab is an example for a typical VSX Deployment scenario – one shared external Interface to Internet and separate Internal interfaces for each VSX virtual firewall.

This lab also is second part of earlier post :
Creating Checkpoint VSX and Virtual System – Part 1

In that previous post, it already shows how to create a new VSX gateway through SmartConsole. This lab will show the steps how to create two VSX virtual firewalls and how to set up a virtual router. Two internal interfaces will be used to test the traffics from two different networks.

Topologies:

Basically, in this lab, there is one physical VSX gateway with two logical VSX virtual firewalls. Each virtual VSX virtual firewall has two interfaces , External and Internal.

Steps:

1. Follow the previous post “Creating Checkpoint VSX and Virtual System – Part 1” to add a new VSX gateway into Smart Dashboard.

The new VSX Gateway has four physical interfaces as shown in the following:

Eth0 Mgmt:192.168.2.41
Eth1 EXT: for 172.17.3.x External Network
Eth2 LAN1: for 192.168.99.x – VSX1 Internal Network
Eth3 LAN2: for 10.9.200.x – VSX2 Internal Network

After new VSX Gateway (CP-VSX) added into Smart Dashboard, the webUI in browser will show:
Web UI is not supported in VSX mode. Please use Clish for OS configuration.