Yes. I did. It shouldn't be so complicated right to configure?
Regards,
Al
Kohlmeier, Markus wrote:
Hi,
Is IGMP snooping enabled at the switch? If yes, try with disabled IGMP
snooping.
Regards, Markus
Am 13.04.2006 10:20 Uhr schrieb "Alexander Simbun" unter
<[EMAIL PROTECTED]>:
Hi,
Using cross cable certainly works but at this moment these two
enforcements are located on separated location which connected through
Cisco 6500 series. I had allocated a dedicated VLAN for heartbeat. So,
any idea why this thing happens?
Thanks,
Regards,
Al.
Bhavin Gandhi wrote:
Did u try using a cross cable for sync interface?
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] Behalf Of
Alexander Simbun
Sent: Thursday, April 13, 2006 10:15 AM
To: [email protected]
Subject: [FW-1] firewall synchronization not properly working on
RainWall/CheckPoint'sfirewallcluster
Dear experts,
I had a problem with our firewall cluster which doesn't work properly
due to the synchronization error as stated below:
*fwe3 firewall*
Apr 13 11:05:40 fwe3xxx.xxxx.xx fw: [ID 544343 kern.notice] CPHA: Found
another machine with same cluster ID. There is probably another cluster
Apr 13 11:05:40 fwe3xxx.xxxx.xx connected to the same switch/hub as this
one.
Apr 13 11:05:40 fwe3xxx.xxxx.xx fw: [ID 407823 kern.notice] CPHA: This
is an illegal configuration. Each cluster should be connected to another
set of switches/hubs.
The firewall's H.A link detected that its partner is down.
Cluster Mode: Sync only (OPSEC)
Number Unique Address Firewall State (*)
1 10.1.0.1 down
2 (local) 10.1.0.3 active
(*) FW-1 monitors only the sync operation and the security policy
Use OPSEC's monitoring tool to get the cluster status
and it is similar to fwe1 firewall as shown below.
*fwe1 firewall
*Apr 13 11:05:30 fwe1xxx.xxxx.xx fw: CPHA: Found another machine with
same cluster ID. There is probably another cluster
Apr 13 11:05:30 fwe1xxx.xxxx.xx connected to the same switch/hub as this
one.
Apr 13 11:05:30 fwe1xxx.xxxx.xx fw: CPHA: This is an illegal
configuration. Each cluster should be connected to another set of
switches/hubs.
Cluster Mode: Sync only (OPSEC)
Number Unique Address Firewall State (*)
1(local) 10.1.0.1 active
2 10.1.0.3 down
(*) FW-1 monitors only the sync operation and the security policy
Use OPSEC's monitoring tool to get the cluster status
How to fix this? FYI, I'm using RainWall 3.1 SP5 and Check Point NG AI
R55 HFA15. Please help me on this matter.
Thanks very much.
Regards,
Al
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain proprietary, confidential or privileged information. If you are not
the intended recipient, you should not disseminate, distribute or copy this
e-mail. Please notify the sender immediately and destroy all copies of this
message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should
check this email and any attachments for the presence of viruses. The company
accepts no liability for any damage caused by any virus transmitted by this
email.
www.wipro.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
Markus Kohlmeier
DTS Service GmbH
Geschäftsbereich Managed Service
IT Security Team
Tel: +49 5221 / 101 2722
Fax: +49 5221 / 101 1001
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
