I am running into problems while testing a Nokia VRRP cluster and would appreciate help.
I have two Nokia IP530s running Ipso 3.8.1 and NG AI R55 for IPSO 3.8 with HFA_02 applied on both modules. Management is on Windows running NG AI R55 HFA_12.
I have configured the cluster and created the multicast rule allowing the cluster members to talk to the multicast address using both vrrp and igmp. I am able to push policy fine and can ping all the firewall interfaces. However when I attempt to simulate a failover, it appears no failover happens. I have setup the cluster as master/master.
While pinging one of the interfaces of the firewall that is currently the active master, if i pull the cable from the interface, I see ping timeouts however I do not see firewall two taking over the connection. Looking at show vrrp stats shows the interface is down and its priority is correctly reduced however on the second firewall I see "Bad master information" This seems to be unique for the second firewall as the first firewall does not show any error.
Looking at the checkpoint logs, I see the following message:
Information: cluster_info: (3rd Party Cluster) State change of member 1 (x.x.x.x) from active to down was canceled, since all other members are down. Member remains active.
I have searched both Nokia and Checkpoint knowledgebase and could not find any possible solution or explanation. Has anyone of you encountered this problem? If yes, any possible solution you tried?
Regards,
Mohamed
"Securing Networks is not a matter for novices"
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
