Virtual Routers

Important - Virtual Routers are not supported (see Known Limitations 01413513 and MBS-5214).

A Virtual Router is an independent routing domain within a VSX Gateway Physical server that hosts VSX virtual networks, including all Virtual Devices that provide the functionality of physical network devices. It holds at least one Virtual System, which is called VS0. that performs the functionality of physical routers. Virtual Routers are useful for connecting multiple Virtual Systems to a shared interface, such as the interface leading to the Internet, and for routing traffic from one Virtual System Virtual Device on a VSX Gateway or VSX Cluster Member that implements the functionality of a Security Gateway. Acronym: VS. to another. Virtual Routers support dynamic routing.

Virtual Routers perform the following routing functions:

• Packets arriving at the VSX Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. Gateway through a shared interface to the designated Virtual System based on the source or destination IP address.

• Traffic arriving from Virtual Systems directed to a shared interface or to other Virtual Systems.

• Traffic to and from shared network resources such as a DMZ.

As with physical routers, each Virtual Router Virtual Device on a VSX Gateway or VSX Cluster Member that functions as a physical router. Acronym: VR. maintains a routing table with a list of route entries describing known networks and directions on how to reach them. Depending on the deployment requirements, multiple Virtual Routers can be configured.

To protect themselves, Virtual Routers inspect all traffic destined to, or emanating from themselves (for example, an ICMP ping to the Virtual Router IP address) based on the security policy Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection.. Traffic that is not sent to, or coming from the Virtual Router is not inspected by the Virtual Router policy and is sent to its destination.