Hi, The thread is a little bit aged, but this is the workaround I've got from checkpoint for R71 :
no_hide_services_ports in $FWDIR/lib/table.def <80, 6>, <443, 6>, <53, 17> Now the standby gateway is able to update the database. -Tom -----Ursprüngliche Nachricht----- Von: Mailing list for discussion of Firewall-1 [mailto:[email protected]] Im Auftrag von Reinhard Stich Gesendet: Freitag, 24. September 2010 19:07 An: [email protected] Betreff: Re: [FW-1] AV/URL Filtering Blades hi, maybe your backup node is using the cluster-IP for the outbound connection to update the AV-database. you should define manual no-nat-rules to not NAT these connections br reinhard At 12:02 24.09.2010, you wrote: >Hi, > >we have a R71.10 Cluster with two high availability gateways and one >Management. I've configured automatic update for AntiVirus and Url >Filtering. Our licenses and contract files are up-to-date. >Now the question: >Only the active gateway is able to update the database; the other shows >"Error: Last signature update failed (Connect failed)" in SmartMonitor. >Switching to the standby and the gw2 connects successfully and updates, >but now gw1 can't do that. >We've got full licenses and the corresponding ha licenses; "it works as >designed" ?? > >Thx >Tom > > >Scanned by Check Point Total Security Gateway. > >================================================= >To set vacation, Out-Of-Office, or away messages, send an email to >[email protected] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your subscription options, >email [email protected] >================================================= > >Scanned by Check Point Total Security Gateway. -- Reinhard Stich [email protected] Arrow ECS Internet Security AG, 1100 Wien, Wienerbergstrasse 11 Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333 Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Scanned by Check Point Total Security Gateway. Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
