Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] FW's constantly changing state

To: [email protected]
Subject: RE: [FW1] FW's constantly changing state
From: MikeCC <[email protected]>
Date: Fri, 02 Feb 2001 10:34:18 -0500
In-reply-to: <[email protected]>
Sender: [email protected]

A correction to my initial description. Both Firewalls do not think they are Master, I read the page incorrectly, the primary Firewall continues to remain Master and the secondary remains at Backup even when the status monitor reports the primary firewall as disconnected.

I have the vrrp multicast host defined and allow communication from the firewall to that address and back.

I am beginning to think VRRP configuration, which as been verified correct by a Nokia engineer, is not necessarily related to the problem.

At 07:26 AM 2/2/01 -0800, Wayne Graves wrote:

If both think they are master your multicast vrrp messages are not getting out between the boxes. Assuming your using monitor type vrrp they both have a priority and they both send out a multicast to determine who is highest, then the highest one continues to send out multicast and the lower goes to backup state, if the multicast stops then it's assumed the master has died and the backup becomes master. ALL interfaces that are using vrrp have to have multicast allowed, in acceptable spoof list and such. If you don't have the online doc kit installed then get it and install it, it's on the Nokia web site. It have a good explanation of it all and what rules are needed. Wayne
-----Original Message-----
From: MikeCC [mailto:[email protected]]
Sent: Monday, January 29, 2001 7:43 AM
To: [email protected]
Subject: [FW1] FW's constantly changing state
Hello,

I am running two Nokia 650's with FW 4.1 running VRRP.
The issue I am having is that every couple of minutes both firewalls change
state, from installed to disconnected and back from disconnected to installed.
When I look at the VRRP status, both firewalls think they are the
master.  The firewalls are connected for a Cisco 6509 switch, but I have
since put them on a simple hub and still see the same behavior.
Any suggestions?
MikeCC
http://atrek.org/mikecc
================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================


MikeCC
http://atrek.org/mikecc

================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Remote module logs
Next by Date: [FW1] New to FW-1 need help
Previous by thread: [FW1] FW's constantly changing state
Next by thread: RE: [FW1] FW's constantly changing state
Index(es):
- Date
- Thread