I was reading the ClusterXL guide and read that. I talked to my
on-site Cisco guy and he said it wasn't necessary. I'll have him try
to put the static entry in.
Layne
On Jul 20, 2005, at 7:55 AM, Timothy Arnold wrote:
do you have a cisco router/switch in front of them? iirc they cannot
handle multicast addresses so you need to put a static arp entry in!
----- Original Message ----- From: "Layne Meier" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, July 20, 2005 12:38 PM
Subject: [FW-1] Cluster XL Problem
I'm having a bit of trouble setting up a VPN-1/Firewall-1 Cluster.
In my attempt, I have all of the appropriate licenses (VFF,
ClusterXL, Policy Server).
I have set up a pair of Sun Netra T-1 105 servers, with a QuadFast
Ethernet Adapter in each of them as the enforcement modules. I've
set up a Sun Netra X1 as the management server. All of these systems
are running Sun Solaris 8, with the appropriate Solaris patches
required by CheckPoint installed.
I defined my cluster with the "virtual" IP Addresses that will be
used, defined the two enforcement modules as cluster members with
unique IP Addresses for their local interfaces. Pushed a policy to
them.
All of this is pretty normal. However, here is my problem.
If I establish my cluster as a Load Sharing, Multicast cluster, I can
only ping from my local network, the two unique IP Addresses of the
LAN interfaces of the two enforcement modules. I cannot ping, the
virtual IP Address, the external unique IP Addresses, nor the virtual
of them.
If I change it to a Load Sharing, Unicast cluster, I can ping all
interfaces, including all virtuals. I prefer the concept of a load
sharing cluster without having a pivot system.
Any thoughts as to why I can't get Load Sharing Multicast to work?
Thank you,
Layne Meier
Atlanta, GA
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
