I am trying to set up an HA enviroment with checkpoint 4.1. According to
the
documentation I have set up the systems as follows:
1) Managment console on a seperate machine and subnet,
this is also designated as the secure subnet
2) Two machines with the external and internal NICs with the same IP
address and
MAC's (i.e both the machines have the same IP addresses and MAC
addresses)
3) defined a gateway cluster with IP of the external NIC
4) defined two firewall modules with the IP's of the managment subnet,
i.e. secured interfaces
5) defined the firewall modules to be members of the cluster.
My questions/problems are:
1) Do I need any third party HA software (such as Stonebeat)?? I have
the Checkpoint HA module loaded
and can perform the cphaxxx commands.
2) When I bring up the firewalls, both the machines have their NIC's
active. Isn't the HA software
suppose to take care of this where the active machine should have
the NIC's live and the
standby machine be in standby mode.
3) I have all the 3 interfaces listed on both the machines in
hostanme.hme0 hostname.znb0
and hostname.znb1, so that means that solaris would ifconfig the
interface while coming up.
Should I remove the znb entries on the secondary ones ( that's where
the external and internal
IP's are defined)???
What am I missing here???
Thanks in advance!
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
