Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Hello
We've deployed a R80.40 southbound Geo Cluster in AWS environment for dealing with east-west and egress Internet traffics.
We don't want to hide nat AWS east-west traffics but only hide nat Internet egress traffics.
My nat policy is in attachment
Every thing works well until I test failover 😞
After the geo cluster failover, egress Internet traffics always match nat rule#4, so making no access to Internet ...
Some one can help ...
Hi @dinkoctlui,
You can test the following!
A) Check the cluster failover:
1) Run the script with this command (do not change the syntax):
# $FWDIR/scripts/azure_ha_test.py
2) If all tests were successful, this shows: All tests were successful!
Otherwise, an error message is displayed with information to troubleshoot the problem.
3) Simulate a cluster failover. For example, shut down the internal interface of the active cluster member:
# ip link set dev eth1 down/up
or
# clusterXL_admin down/up
B) Use an automatic hide NAT rule on the cluster object!
