Preparing the Security Group in VSX Mode

Item	Description
1	Select a designated physical interface for Mirror and Decrypt on the Security Group A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected..
2	Do not configure an IP address on this designated physical interface.
3	Configure the required Maximum Transmission Unit (MTU) on this designated physical interface. MTU has to be the default 1500, or at least the maximal MTU value from other interfaces on the Security Group. For instructions about configuring an MTU on a physical interface, see the R80.20SP Quantum Maestro Gaia Administration Guide > Chapter Network Management > Section Network Interfaces > Section Physical Interfaces.

Item

Description

Select a designated physical interface for Mirror and Decrypt on the Security Group A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected..

Do not configure an IP address on this designated physical interface.

Configure the required Maximum Transmission Unit (MTU) on this designated physical interface.

MTU has to be the default 1500, or at least the maximal MTU value from other interfaces on the Security Group.

For instructions about configuring an MTU on a physical interface, see the R80.20SP Quantum Maestro Gaia Administration Guide > Chapter Network Management > Section Network Interfaces > Section Physical Interfaces.