NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Stonebeat FullCluster 2.0, FW-1, and VPN Encryption cards



Title: Stonebeat FullCluster 2.0, FW-1, and VPN Encryption cards

Question.

Trying to install Stonebeat FullCLuster 2.0 SP1b with Checkpoint 4.1 SP2 on solaris 2.6
I have the load-balancing configured correctly, tested telnet and ftp fail-over, etcc..... all with success. One problem that I am having now is the SecuRemote transparent failover.   I get a topology fine, securemote in and the firewalls are using IP-Pools. I see the firewall assigning the correct IP-pool address and my connection looks good UNTIL I try to failover.  It's inconsistent.  The SecuRemote connection will fail for a little while sometimes and come back up and sometimes It won't come up at all.  AND, the worst part is when it fails over the, the first firewall that it was originally going through DIES! 

Here are  some error messages that I saw in /var/adm/messages on the firewall that dies.
unix: warning: luna:_lookup-context:  illegal sessionid
fw-1:VPN-1 AC failed in ESP destroying context.
I am going to try to disable the accelerator card and rerun the test, but I was wondering if anyone has seen this before?

I have never had any problems with the accelerator cards but does it get confused, I wonder, with thowing the session back and forth between the other firewall?? I don't know.

So, does anyone have success using VPN acclerator cards in Solaris 2.6 boxes with Checkpoint 4.1 SP2 and loadbalancing with Stonebeat FullCLuster 2.0 SP1b????

THanks.

Holly Wales
Lockheed Martin
[email protected]
phone:
fax:



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.