CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


I'd like to thank everyone involved for making "The CPUG Challenge" a great success.
We helped a lot of people see and learn a bit more about R80.10, while having some fun.
We will be using this success to try and bring more events to more locations soon. -E

 

Results 1 to 14 of 14

Thread: no vlan 1 in gaia interface configuration

Hybrid View

  1. #1
    Join Date
    2007-07-29
    Posts
    20
    Rep Power
    0

    Default no vlan 1 in gaia interface configuration

    just trying to add vlan 1 in gaia, its states that the min value for this is 2.
    what am i missing???
    its a 4600 ip appliance runnign r75.40, 2.6.18-92cp

  2. #2
    Join Date
    2005-11-25
    Location
    United States, Southeast
    Posts
    857
    Rep Power
    12

    Default Re: no vlan 1 in gaia interface configuration

    This is CheckPoint's mistaken idea about VLAN tagging. I can only think they got it from the cisco world where a native vlan defaults to 1 on a trunk interface. They didnt realize the default native vlan can be changed, thus resulting in tagged frames from vlan 1.

    Interesting enough, in SecurePlatform, you can manually create a vlan 1 tagged interface (vconfig). You can likely do it in GAIA as well, but it wont survive a reboot.

    But, to be fair, even cisco says, for security reasons, not to use VLAN 1 for anything legitimate. It is a good recommendation.

  3. #3
    Join Date
    2007-07-29
    Posts
    20
    Rep Power
    0

    Default Re: no vlan 1 in gaia interface configuration

    yes, i've since been told it was a hang over from splat, ipso was fine...so when they mashed up the two into gaia they took the ipso version over splat and mandated no vlan1 for trunked i/fs.

  4. #4
    Join Date
    2015-08-26
    Posts
    81
    Rep Power
    3

    Default Re: no vlan 1 in gaia interface configuration

    Is there a way to set the Native Vlan for an interface like we can do with Cisco?

  5. #5
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,399
    Rep Power
    8

    Default Re: no vlan 1 in gaia interface configuration

    Quote Originally Posted by jerryroy1 View Post
    Is there a way to set the Native Vlan for an interface like we can do with Cisco?
    What is it your trying to do? Create a vlan1 interface?

  6. #6
    Join Date
    2006-03-08
    Location
    Lausanne
    Posts
    966
    Rep Power
    12

    Default Re: no vlan 1 in gaia interface configuration

    VLAN tag 1 is a native VLAN, does not require a tag. It is not available on a trunk interface with Check Point
    -------------

    Valeri Loukine
    CCMA, CCSM, CCSI
    http://checkpoint-master-architect.blogspot.com/

Similar Threads

  1. Bulk VLAN interface migration
    By Sn1ffer in forum Check Point SecurePlatform (SPLAT)
    Replies: 2
    Last Post: 2013-03-07, 05:59
  2. mgmt-port in Gaia configuration ?
    By messalina in forum R75.40 (GAiA)
    Replies: 1
    Last Post: 2013-02-07, 03:38
  3. Vlan configuration
    By marcko32 in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 3
    Last Post: 2010-11-22, 18:21
  4. VLAN configuration in NGX 65
    By renato_rj in forum Miscellaneous
    Replies: 3
    Last Post: 2009-10-08, 10:50
  5. VLAN Configuration in SecurePlatform with trunk
    By ngsud in forum Check Point SecurePlatform (SPLAT)
    Replies: 5
    Last Post: 2008-12-16, 17:10

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •