Technical data
Configuring VSX
Check Point VSX Administration Guide NGX R67 | 59
2. Click Add to define a new rule or Edit to modify an existing rule. The Add/Edit Route Rule window
appears.
Define the following properties as required:
Source IP Address and Net Mask
Destination IP Address and Net Mask (optional)
Next Hop Gateway: Select a Virtual System from the list.
Working with Dynamic Routing
This section presents procedures for configuring dynamic routing for Virtual Systems and Virtual Routers.
Virtual Devices can communicate and distribute routes amongst themselves using dynamic routing
protocols.
You configure dynamic routing separately for each Virtual System and/or Virtual Router, each of which has
its own dynamic routing daemon and configuration file. You also configure dynamic routing separately on
each cluster member.
Enabling Dynamic Routing
To enable dynamic routing:
1. Enable dynamic routing for the appropriate Virtual System or Virtual Router by executing the following
commands from the VSX gateway in the expert mode:
a) vsx set <vs_id>, where <vs_id> is the device context ID
b) drouter enable <vs_id> (enables dynamic routing)
c) drouter start <vs_id> (starts the dynamic routing daemon)
Configuring Dynamic Routing
To configure dynamic routing:
1. Execute the router command.
2. Configure dynamic routing according to your requirements. See the R75.20 Advanced Routing Suite CLI
Reference Guide (http://supportcontent.checkpoint.com/documentation_download?ID=12262) for
details.
Disabling Dynamic Routing
To disable dynamic routing:
1. Execute the following commands from the VSX gateway command line:
a) drouter stop <vs_id> (stops the dynamic routing daemon)
b) drouter disable <vs_id> (disables dynamic routing)
Checking Dynamic Routing Status
To check whether dynamic routing is active, execute the drouter stat <vs_id> command from the
VSX gateway command line. A message appears indicating whether or not dynamic is enabled.