CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


CPUG Challenge 2018?? We will be holding another CPUG Challenge for 2018.
The plan is to time it around CPX again (earlier this year), but not necessarily limit it to those in attendance.
I'll provide more details as we get a bit closer, but be ready! -E

 

Results 1 to 14 of 14

Thread: no vlan 1 in gaia interface configuration

Hybrid View

  1. #1
    Join Date
    2007-07-29
    Posts
    20
    Rep Power
    0

    Default no vlan 1 in gaia interface configuration

    just trying to add vlan 1 in gaia, its states that the min value for this is 2.
    what am i missing???
    its a 4600 ip appliance runnign r75.40, 2.6.18-92cp

  2. #2
    Join Date
    2005-11-25
    Location
    United States, Southeast
    Posts
    857
    Rep Power
    13

    Default Re: no vlan 1 in gaia interface configuration

    This is CheckPoint's mistaken idea about VLAN tagging. I can only think they got it from the cisco world where a native vlan defaults to 1 on a trunk interface. They didnt realize the default native vlan can be changed, thus resulting in tagged frames from vlan 1.

    Interesting enough, in SecurePlatform, you can manually create a vlan 1 tagged interface (vconfig). You can likely do it in GAIA as well, but it wont survive a reboot.

    But, to be fair, even cisco says, for security reasons, not to use VLAN 1 for anything legitimate. It is a good recommendation.

  3. #3
    Join Date
    2007-07-29
    Posts
    20
    Rep Power
    0

    Default Re: no vlan 1 in gaia interface configuration

    yes, i've since been told it was a hang over from splat, ipso was fine...so when they mashed up the two into gaia they took the ipso version over splat and mandated no vlan1 for trunked i/fs.

  4. #4
    Join Date
    2015-08-26
    Posts
    81
    Rep Power
    3

    Default Re: no vlan 1 in gaia interface configuration

    Is there a way to set the Native Vlan for an interface like we can do with Cisco?

  5. #5
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,482
    Rep Power
    8

    Default Re: no vlan 1 in gaia interface configuration

    Quote Originally Posted by jerryroy1 View Post
    Is there a way to set the Native Vlan for an interface like we can do with Cisco?
    What is it your trying to do? Create a vlan1 interface?

  6. #6
    Join Date
    2006-03-08
    Location
    Lausanne
    Posts
    1,016
    Rep Power
    13

    Default Re: no vlan 1 in gaia interface configuration

    VLAN tag 1 is a native VLAN, does not require a tag. It is not available on a trunk interface with Check Point
    -------------

    Valeri Loukine
    CCMA, CCSM, CCSI
    http://checkpoint-master-architect.blogspot.com/

Similar Threads

  1. Bulk VLAN interface migration
    By Sn1ffer in forum Check Point SecurePlatform (SPLAT)
    Replies: 2
    Last Post: 2013-03-07, 05:59
  2. mgmt-port in Gaia configuration ?
    By messalina in forum R75.40 (GAiA)
    Replies: 1
    Last Post: 2013-02-07, 03:38
  3. Vlan configuration
    By marcko32 in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 3
    Last Post: 2010-11-22, 18:21
  4. VLAN configuration in NGX 65
    By renato_rj in forum Miscellaneous
    Replies: 3
    Last Post: 2009-10-08, 10:50
  5. VLAN Configuration in SecurePlatform with trunk
    By ngsud in forum Check Point SecurePlatform (SPLAT)
    Replies: 5
    Last Post: 2008-12-16, 17:10

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •