| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW-1] NG AI VRRP Cluster not clustering.....Some have problem with CLIU STERING CONFIGURATION
- To: [email protected]
- Subject: [FW-1] NG AI VRRP Cluster not clustering.....Some have problem with CLIU STERING CONFIGURATION
- From: Oscar Aviles Sandoval <[email protected]>
- Date: Thu, 9 Oct 2003 11:07:21 -0500
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
Hello EveryBody:
Hi Steffen and Mark
I have two Nokia IP530 box running IPSO 3.7 Build 27 on Both and NG AI
I have config VPPR on three interfaces
Cold Delay: 60
Priority: 100 and 95
Delta: 10
I made the following test:
Two box are connected in two different network.
On the Master box I see: MASTER and two interfaces on MASTER
On the Slave box I see: SLAVE and two interface on SLAVE
When I unplug one cable on the MASTER I can see:
On the Master box I see: SLAVE and two interfaces on SLAVE
On the Slave box I see: MASTER and two interface on MASTER
Then when I plug the cable again on the MASTER box: I see
On the Master box I see: MASTER and two interfaces on MASTER
On the Slave box I see: SLAVE and two interface on SLAVE
In other work, the Master box takes all interfaces like a Master again.
I thinks trhis is working fine.
ON ANOTHER SCENARY I TEST THE FOLLOWING CONFIGURATION:
I have two Nokia IP530 box running IPSO 3.7 Build 27 on Both and NG AI
I had config CLUSTERING on two interfaces (I have configuration the same
interface for synchronization for CheckPoint and Nokia)
I use Multicast with the same time: 590 (for default on each box)
When I make the test all connection was working fine.
In the test I made the following:
I start a FTP transfer from trusted side to public side, I see the
connection on the log.
Then I unplug the cable, the transfer continue without problems I think for
another box.
All connection work fine.
The problem appear when I plug again the cable (reconnect) , the transfer
stop and I lost all connection in this moment. I think the problem is the
Check Point
(I think it does not make the synchronization all tables on both box, but
this is strange because I make the FW CTL PSTAT and I see synchronization
packets) then can not make PING or FTP or HTTP between sides, but I have
response from each firewall interfaces (PING).
SOME HAVE WORKING FINE CLUSTERING CONFIGURATION???
Because make all possible probes and tests and it don't support the
reconnection and all connections falls.
I tried with two synchronization network (one for Check Point and one for
Nokia) and I have the same result.
Best Regards.
Oscar Aviles
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
