|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] question fort high availability..any other thing to do?
Sorry, I think I asked a stupid question just now, I think the two firewalls should have the same configuration files and they synchronized with each other. The questions I need to ask now are 1) How to set which firewall is the active and which one is the backup? 2) Whether the two firewalls are having the same IP addresses or not? If not how they back up each other? Since I can only point the clients to one firewall IP. 3) In the documentation, I saw in the Firewall A, fw putkey "firewallB IP" <the authentication password (key)> and in firewall B, fw putkey "firewallA IP" <the authentication password (key)>. 3.a) That's mean they are of different IPs? 3.b) There are two IPs for two interfaces in both of my firewalls, hme0 and hme1. Which IP I need to put in the fw putkey? FYI, hme1 of firewallA is facing outside now and license is installed on hme1. Should we make sure the two IP can ping each other? 3c) <the authentication password (key)> for the two firewalls must be the same? Can be in any format right? 4) Any other thing to configure for the high availability? Sim -----Original Message----- From: Sim, CT (Chee Tong) Sent: Thursday, March 14, 2002 3:32 PM To: 'Mailing list for discussion of Firewall-1' Subject: question fort high availability..any other thing to do? Hi, Dear friends, I need to take a down an existing firewall (Firewall B) and configure it to be the backup server of another firewall (Firewall A). These two firewalls are on same network and both are running checkpoint 4.0 on solaris box. Of course both of them are having different routing table and IP addresses. (both firewall got 2 interfaces, one with the same local network, one facing the outside network) I learnt that I need to configure high availability, but I had little knowledge about it. The procedure on book states... 1)create a file $FWDIR/conf/sync.conf in Firewall A and its content is "firewallB", 2)fwstop firewall 3)Establish a control path from Firewall A to Firewall B using fw putkey fw putkey firewallB <the authentication password (key)> 4)fwstart firewall On FirewallB, do the same things, change the previous "firewallB" to firewallA" Is that all we need to do to synchronize the 2 firewalls? As the two firewalls are having different configuration right now, don't you have to change anything? How do the system know whether Firewall B to follow Firewall A, or the other way round? As I need to configure Firewall B to back up Firewall A. Do I need to configure Firewall B to have same routing table, and ARP entries as Firewall A and have the same IP addresses (for two interfaces)? Then will it crashes with each other as they are having same IP ================================================================== De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. ================================================================== The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. ================================================================== ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
