Working with Source-Based Routing
Introduction
Source-based routing directs traffic to a specific destination based on the source IP address or a combination of the source and destination IP addresses.
Rules defining Source-based routing take precedence over ordinary destination-based routing rules.
This section describes how to configure sourced-based routing rules when working in a VSX Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. environment.
The procedures for defining source-based rules are the same for Virtual Routers in both VSX Gateways and VSX Clusters.
Defining Source-Based Routing Rules
Define Source-based Routing rules in the Topology page of the Virtual Router definition window.
To define source-based routing rules:
-
Connect with SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. to the Security Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. or Target Domain Management Server that manages the Virtual Router.
-
From the Gateways & Servers view or Object Explorer, right-click the Virtual Router object and select Edit.
The General Properties window opens.
-
From the left navigation tree, select Topology.
-
Click Advanced Routing.
The Advanced Routing Rules window opens.
-
Click Add to define a new rule Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session.. or select an existing rule and click Edit to change it.
The Add/Edit Route Rule window opens.
-
Define these settings:
-
Source IP Address and Net Mask
-
Destination IP Address and Net Mask
-
Next Hop Gateway
-
-
Click OK.