Static routing table does not match across cluster members for Check Point

Vendor

Check Point

Description

Indeni will identify when two devices are part of a cluster and alert if their static routing tables are different.

Remediation Steps

Ensure the static routing table matches across devices in a cluster.

Use the "show configuration" command in clish to compare the calls to "set static-route".

How does this work?

By parsing the gaia configuration database, /config/active, the static routes are retrieved. It can also be retrieved via Clish, but that creates a lot of log entries in /var/log/messages.

Why is this important?

By parsing the gaia configuration database, /config/active, the static routes are retrieved. It can also be retrieved via Clish, but that creates a lot of log entries in /var/log/messages.

Without Indeni how would you find this?

An administrator could login and manually run the command.


View Source Code