The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
VTI Routes are not added correctly when more than 50 VTI Tunnels are used
R80.20, R80.30, R80.40, R81, R81.10
Platform / Model
Any created static route pointing out the vpnt interface (or the nexthop peer) do not show in the routing table.
When installing policy, a cluster VIP from another VTI can be assigned to newly created VTI.
Log in $FWDIR/log/Routed.log shows that the VIP is added somewhere else. For example, IP for vpnt67 is removed so it can become vpnt84's IP:
[DATE TIME] cpcl_create_address(3319): Removing X.X.X.X from vpnt67 so it can become vpnt84's cluster IP
When using more than 50 VPN Tunnel Interfaces (VTI), the temporary storage runs out, and the Security Gateway start assigning VIP's used by other interfaces to a new VTI.