Static routing table does not match across cluster members for Check Point

Vendor

Check Point

Description

Indeni will identify when two devices are part of a cluster and alert if their static routing tables are different.

Remediation Steps

Ensure the static routing table matches across devices in a cluster.Use the "show configuration" command in clish to compare the calls to "set static-route".

How does this work?

By parsing the gaia configuration database, /config/active, the static routes are retrieved. It can also be retrieved via Clish, but that creates a lot of log entries in /var/log/messages.

Why is this important?

It is important that the routing is configured the same for all cluster members of the same cluster. Otherwise there can be downtime in the event of a failover.

Without Indeni how would you find this?

An administrator could login and manually run the command.

View Source Code
single