l'm in the process of building a redundant (cold swap) firewall for one of my clients.
Our client just has the one Nokia IP440 firewall with no management console, and since they don't wish to pay for a 2nd license, the redundant firewall will be cold swap.
The original and the new redundant FW's are both Nokia IP440's, the original with ipso 3.5-FCS10 the redundant will come with ipso 3.7. With the exception of the original IP440 having the disk mirroring option, they are both physically configured identically.
What l intend to do is ensure that they both have the same version of FW (4.1 sp6), and then copy across the conf, database and state directory files from the original FW to the new FW's equivalent directories, as well as any files modified in the lib directory. Then l apply the licences to the new Firewall.
Does this sound correct? Have l missed anything? Can anyone forsee any problems l may encounter?
Your advice will be greatly appreciated.
Another way l could do this would be to take one of the mirrored disks from the original IP440 (it came with the mirroring option), and place it in the new firewall. The only thing stopping me from doing this is the doubt regarding how the mirroring is done (software vs hardware). As the redundant firewall does not come with the mirroring option, would this method work? Does anyone know how the mirroring is done?
If l could do that, then l would place the disk from the redundant firewall into the original firewall when it realizes that a disk is missing (emulating a disk failure) and requests a replacement disk.
Thanks in advance.
Alan
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
