Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] question fort high availability..any other thing to do?

To: [email protected]
Subject: Re: [FW-1] question fort high availability..any other thing to do?
From: Don <[email protected]>
Date: Thu, 14 Mar 2002 08:57:24 -0500
In-reply-to: <1E8992B3CD28D4119D5B00508B08EC5601F7B8E2@sinxsn02.ap.rabobank.com>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

> Sorry, I think I asked a stupid question just now, I think the two firewalls
> should have the same configuration files and they synchronized with each
> other.  The questions I need to ask now are
First, the firewalls need to be configured identically.

> 1)      How to set which firewall is the active and which one is the backup?
> 2)      Whether the two firewalls are having the same IP addresses or not?
> If not how they back up each other?  Since I can only point the clients to
> one firewall IP.
> 3)       In the documentation, I saw in the Firewall A, fw putkey "firewallB
> IP" <the authentication password (key)> and in firewall B, fw putkey
> "firewallA IP" <the authentication password (key)>.
>
> 3.a) That's mean they are of different IPs?
> 3.b) There are two IPs for two interfaces in both of my firewalls, hme0 and
> hme1.  Which IP I need to put in the fw putkey? FYI, hme1 of firewallA is
> facing outside  now and license is installed on hme1.   Should we make sure
> the two IP can ping each other?
> 3c) <the authentication password (key)> for the two firewalls must be the
> same?  Can be in any format right?
> 4)      Any other thing to configure for the high availability?
In order to configure HA, you need to install special software on the
firewalls. This software handles the actual failover functions. It moves
the IP addresses from one firewall to the other, determins which system is
active, etc.

You should probably speak to a consultant about setting this up as it can
be difficult to configure and get working properly.

-Don

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- Re: [FW-1] question fort high availability..any other thing to do?
  - From: "Sim, CT (Chee Tong)" <[email protected]>

Prev by Date: Re: [FW-1] Source IP change after creating uri
Next by Date: Re: [FW-1] Source IP change after creating uri
Previous by thread: Re: [FW-1] question fort high availability..any other thing to do?
Next by thread: [FW-1] AW: [FW-1] question fort high availability..any other thing to do ?
Index(es):
- Date
- Thread