Connected networks do not match across cluster members for Check Point

Vendor

Check Point

Description

Indeni will identify when two devices are part of a cluster and alert if the networks they are directly connected to do not match.

Remediation Steps

Ensure all of the required ports are configured correctly on all cluster members, including the subnet mask.

How does this work?

By parsing the gaia configuration database, /config/active, the routes for directly connected interfaces are retrieved. It can also be retrieved via Clish, but that creates a lot of log entries in /var/log/messages.

Why is this important?

By parsing the gaia configuration database, /config/active, the routes for directly connected interfaces are retrieved. It can also be retrieved via Clish, but that creates a lot of log entries in /var/log/messages.

Without Indeni how would you find this?

An administrator could login and manually run the command.


View Source Code