[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] VRRP and SecuRemote problem

To: "'Blitzzz blitzzz'" <[email protected]>, [email protected]
Subject: RE: [FW1] VRRP and SecuRemote problem
From: "Luke, Jason (ISS Southfield)" <[email protected]>
Date: Wed, 27 Jun 2001 09:10:33 -0400
Sender: [email protected]


The first thing you should check is to make sure that the firewalls are
syncing while the second Nokia is primary.  How do test failover?  
Do you maybe;
	1) Pull the cable that is the sync connection when failing over to
the second box, thereby losing the sync connection?
or
	2) Reboot the first Nokia to cause failover?  This would cause the
second Nokia to become primary, but then when the reboot is complete, the
first Nokia would come back up and become primary.  However, it probably
didn't have time to re-sync its state tables before becoming primary,
thereby dropping the current connections.  The Coldstart Delay setting in
the VRRP config page helps alleviate this by delaying the failover upon
reboot.

Jason


-----Original Message-----
From: Blitzzz blitzzz [mailto:[email protected]]
Sent: Monday, June 25, 2001 11:26 AM
To: [email protected]
Subject: [FW1] VRRP and SecuRemote problem



Hi,

I have two Nokia IP330 with VRRP configured.
In Checkpoint i have a Gateway Cluster configured with
the virtual IP and the two Nokia's as members.

My problem is not when the Primary fails, that works
great the second Nokia takes over the Securemote
connection, the problem is when the Primary comes back
up i lose the SecuRemote connection.

Using IPSO 3.3 with BOOTMGR 3.3, CheckPoint SP3

In the two Nokia's i have the IFWD daemon disabled.

Any ideas ?

Thank you


__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Nokia Setup
Next by Date: [FW1] Problems reading logfile from fw-1 3.0b
Prev by thread: [FW1] VRRP and SecuRemote problem
Next by thread: [FW1] Log files
Index(es):
- Date
- Thread