I have a pair of IP440s in HA mode. I applied the hotfix recently (fw-1 4.0, SP5.IPSO3.2.1) on the swecondary and did iot correctly (ie. I opted for newpkg>upgrade and turned it on in voyager) but on the primary I went for install as new package (duh) and turned it on in voyager. Obviously it didn;t work and loaded a default policy, gave a bunch of errors and said that only 25 hosts were licenced. I fixed it quickly but noticed that my squid cache in the dmz was unavailable during this time. I thought that it would continue to work via the second router but it didn't. I have tested the nokia HA solution by pulling the power and also by pulling a network cable on the primary and this fails over correctly with no interruption to the web/cache, ftp etc. I assume that the default policy loaded by the primary router blocks access but is there any way of avoiding this (besides being more careful when applying patches!)? rgds declan _____________________________________ Get your free E-mail at http://www.ireland.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
