I did NOT have an issue if I move this cluster to a brand new CMA. This issue only happens with this particular CMA which is a migration CMA from R55 to R65.
Gary Scott <[EMAIL PROTECTED]> wrote: I saw similar SIC crazy issues with P1-R65-HFA-02. Things cleared up after installing the HF for HFA-02 per CP res sk33821 -GS -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of cisco4ng Sent: Friday, May 16, 2008 11:14 AM To: [email protected] Subject: Re: [FW-1] Checkpoint SIC trouble. Urgent help please!!!! How is that going to solve anything? I did also try that but still no luck :-( Arvind Teemul wrote: Hi, Do a Policy Install with NO QoS as a test. Regards, Arvind On Fri, May 16, 2008 at 8:05 AM, cisco4ng wrote: > Have a situation: > > a pair of IBM 3650 dual quad-core processors 3.16 Ghz with 4GB RAM > running in ClusterXL Active/Active Unicast mode. The Checkpoint > software is NGx R65 2.6 kernel > > This firewall pair is being managed by Provider-1 NGx R65 2.4 kernel > with HFA_02 running on a Dell 2850 dual processors 3.06 Ghz with 8GB RAM. > > Logs on the firewalls are being sent to a Provider-1 MLM and a standalone > CLM. > Provider-1 is NGx R65 with HFA_02 on 2.4 kernel. The stand-alone CLM > is NGx R65 2.6 kernel on a Dell 2950-III box. > > Everything is running checkpoint 30 days eval license. > > I have about 300 rules in the security policy. I pushed policy to the > pair of firewalls. Everything is working fine and I get no errors when > pushing policy to the firewall > > I have a couple of QoS rule in the QoS policy. I see NO errors when > pushing policy to the firewalls. > > At this point I start pushing about 900Mbps between the Iperf > client/server > through the firewall. > > Here are two issues I have: > > 1- In SmartView Monitor, it tells me that I hav NO QoS policy installed > on gw1 and gw2, > > 2- After every two hours, I lose SIC either to the gw1 or gw2 firewall. > I verified this by performing "test SIC" in the cluster members. When > I pushed policy to the firewall, it tells me that policy push failed > either to gw1 or gw2 member. The only way for me to fix is to re-SIC > and reboot the firewall and re-establish SIC with the Provider-1 CMA. > > Is this a bug in Checkpoint or something? My setup is a very simple one. > > Comment anyone? Thanks. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
