Manualshelf

Technical data

ManualsBrandsCheck Point Software Technologies ManualsNetworkingVSX-1 3070
41424344454647484950
Configuring VSX
Check Point VSX Administration Guide NGX R67 | 46
To configure the external and internal interfaces:
1. In the interface table, define interfaces. You can add new interfaces as well as delete and modify
existing interfaces.
To add an interface, click Add. The Interface Properties window opens. Select an interface from the list
and define the appropriate properties. Click Help for details regarding the various properties and
options.
2. Select the Main IP Address from the list. This IP address, typically that assigned to the external
interface, specifies the "real" Virtual System address used when working with NAT or VPN connections.
To make your external IP address routable, select the external interface IP address as the main IP
address.
3. Define network routing as appropriate for your deployment. Some routes are automatically defined
automatically based on the interface definitions.
For example, you would generally define a default gateway route leading to an external Virtual Router or
to the Virtual System external interface.
To add a default route to the Routes table, click Add Default Routes and either enter the default route
IP address or select the default Virtual Router. The Route Configuration window opens. Click Help for
details regarding the various properties and options.
4. Complete the definition process ("Completing the Definition" on page 47).
Custom Configuration or Override in the Bridge Mode
If you used the Custom Configuration template when creating the VSX gateway, or if you selected the
Override Creation Template option, and are creating a Virtual System in the Bridge Mode, you will need to
manually define the network interfaces. The Virtual System Network Configuration page appears as
shown.
Interfaces: To configure the external and internal interfaces, define interfaces and links to devices in the
Interfaces table. You can add new interfaces as well as delete and modify existing interfaces.
To add an interface, click Add. The Interface Properties window opens. Select an interface from the list
and define is properties. Click Help for details regarding the various properties and options.
Layer-3 Bridge Interface Monitoring: This option only appears for Virtual Systems hosted by clusters
on Nokia platforms. Enable this option to monitor interface traffic at the IP address and net mask
specified in the designated fields.
When creating a Virtual System in the bridge mode on a Nokia platform, you must enable layer-3 bridge
interface monitoring. The IP address to be monitored should reside on a different subnet than the subnet
that handles bridge traffic.