https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246301#M12459 <P>Hello all,</P> <P>it's me again <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> <P>Now we have a problem with another cluster of two&nbsp;SMB 9000. It was working good, then something happened. Maybe I did something wrong. Now the only one Node is online, another one doesn't respond, although I see its MAC.<STRONG> I even can't open the web-interfaces of the broken Node.</STRONG></P> <P>Some logs from the nodes. The working node doesn't see the neighbor:</P> <LI-CODE lang="markup">[fws02:0]# cphaprob roles ID Role 2 (local) Master [fws02:0]# cphaprob state Cluster Mode: High Availability (Active Up) with IGMP Membership ID Unique Address Assigned Load State Name 2 (local) 172.27.255.150 100% ACTIVE fws02 Active PNOTEs: LPRB Last member state change event: Event Code: CLUS-114904 State change: ACTIVE(!) -&gt; ACTIVE Reason for state change: Reason for ACTIVE! alert has been resolved Event time: Sat Apr 12 11:17:48 2025 Cluster failover count: Failover counter: 0 Time of counter reset: Sat Apr 12 10:17:24 2025 (reboot) </LI-CODE> <P>&nbsp;The broken node:</P> <LI-CODE lang="markup">[fws01:0]# cphaprob roles ID Role 1 (local) Non-Master 2 Master [fws01:0]# cphaprob state Cluster Mode: High Availability (Active Up) with IGMP Membership ID Unique Address Assigned Load State Name 1 (local) 172.27.255.149 0% DOWN fws01 2 none 100% ACTIVE fws02 Active PNOTEs: FSYNC, POLICY, IAC Last member state change event: Event Code: CLUS-112400 State change: INIT -&gt; DOWN Reason for state change: FULLSYNC PNOTE - Policy installation failure Event time: Sat Apr 12 11:19:12 2025 Cluster failover count: Failover counter: 0 Time of counter reset: Sat Apr 12 11:17:27 2025 (reboot)</LI-CODE> <P>&nbsp;</P> <P>Very appreciate your help <span class="lia-unicode-emoji" title=":folded_hands:">🙏</span></P> Sat, 12 Apr 2025 10:05:15 GMT Exonix 2025-04-12T10:05:15Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246301#M12459 <P>Hello all,</P> <P>it's me again <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> <P>Now we have a problem with another cluster of two&nbsp;SMB 9000. It was working good, then something happened. Maybe I did something wrong. Now the only one Node is online, another one doesn't respond, although I see its MAC.<STRONG> I even can't open the web-interfaces of the broken Node.</STRONG></P> <P>Some logs from the nodes. The working node doesn't see the neighbor:</P> <LI-CODE lang="markup">[fws02:0]# cphaprob roles ID Role 2 (local) Master [fws02:0]# cphaprob state Cluster Mode: High Availability (Active Up) with IGMP Membership ID Unique Address Assigned Load State Name 2 (local) 172.27.255.150 100% ACTIVE fws02 Active PNOTEs: LPRB Last member state change event: Event Code: CLUS-114904 State change: ACTIVE(!) -&gt; ACTIVE Reason for state change: Reason for ACTIVE! alert has been resolved Event time: Sat Apr 12 11:17:48 2025 Cluster failover count: Failover counter: 0 Time of counter reset: Sat Apr 12 10:17:24 2025 (reboot) </LI-CODE> <P>&nbsp;The broken node:</P> <LI-CODE lang="markup">[fws01:0]# cphaprob roles ID Role 1 (local) Non-Master 2 Master [fws01:0]# cphaprob state Cluster Mode: High Availability (Active Up) with IGMP Membership ID Unique Address Assigned Load State Name 1 (local) 172.27.255.149 0% DOWN fws01 2 none 100% ACTIVE fws02 Active PNOTEs: FSYNC, POLICY, IAC Last member state change event: Event Code: CLUS-112400 State change: INIT -&gt; DOWN Reason for state change: FULLSYNC PNOTE - Policy installation failure Event time: Sat Apr 12 11:19:12 2025 Cluster failover count: Failover counter: 0 Time of counter reset: Sat Apr 12 11:17:27 2025 (reboot)</LI-CODE> <P>&nbsp;</P> <P>Very appreciate your help <span class="lia-unicode-emoji" title=":folded_hands:">🙏</span></P> Sat, 12 Apr 2025 10:05:15 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246301#M12459 Exonix 2025-04-12T10:05:15Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246303#M12460 <P>I don't understand this... it started working it self...</P> Sat, 12 Apr 2025 10:42:57 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246303#M12460 Exonix 2025-04-12T10:42:57Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246304#M12461 <P>So its complaining about the policy failure and sync...what does cphaprob symcstat show, as well as fw stat?</P> <P>Andy</P> Sat, 12 Apr 2025 11:19:34 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246304#M12461 the_rock 2025-04-12T11:19:34Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246308#M12462 <P>Did you install policy recently?</P> <P>Please share the firmware version &amp; build of the gateways in question.</P> <P>&nbsp;</P> Sat, 12 Apr 2025 15:05:32 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246308#M12462 Chris_Atkinson 2025-04-12T15:05:32Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246309#M12463 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/65443">@Exonix</a>&nbsp;Chris made an excellent point there...even on regular Gaia cluster, clustering will NEVER work until you install the policy.</P> <P>Andy</P> Sat, 12 Apr 2025 15:46:31 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Cluster-broke-down-SMB-9000/m-p/246309#M12463 the_rock 2025-04-12T15:46:31Z