This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Olusegun_Adekun
Contributor
‎2024-01-12 09:46 AM
Jump to solution

Azure Cloudguard Cluster Upgrade from R81.10 to R81.20

Hi All,

I need to upgrade our Azure CloudGuard Cluster from R81.10 to R81.20, however I need to install the Latest Jumbo Hotfix Take 130 First.

My question is, can I install on the Standby first the Jumbo Hotfix and immediately R81.20 image. Then failover to this upgraded firewall, leave for some few days and install on the other firewall.

OR

I should install Jumbo Hotfix take 130 on both Firewall first and next day install the R81.20.

Am thinking it's better to install JHF T130 on both first for consistency of software images on both firewalls.

 

Any suggestion please?

Regards,

Olu

 

0 Kudos
1 Solution

Accepted Solutions
gto_gary
Participant
Participant
‎2024-01-12 02:02 PM
Jump to solution

Hi,

I would definitely recommend do this in 2 steps to ensure stability.

1. Install the JHF you require on each cluster member.

https://sc1.checkpoint.com/documents/Jumbo_HFA/R81.10/R81.10/Installation-Uninstall.htm

2. Once both nodes are complete and the cluster is verified as healthy and working move forward with the version upgrade. Upgrades for Azure CG clusters can now be done as an in place upgrade, and works quite well.

https://support.checkpoint.com/results/sk/sk177714

All the best,

gto_gary

View solution in original post

7 Replies
gto_gary
Participant
Participant
‎2024-01-12 02:02 PM
Jump to solution

Hi,

I would definitely recommend do this in 2 steps to ensure stability.

1. Install the JHF you require on each cluster member.

https://sc1.checkpoint.com/documents/Jumbo_HFA/R81.10/R81.10/Installation-Uninstall.htm

2. Once both nodes are complete and the cluster is verified as healthy and working move forward with the version upgrade. Upgrades for Azure CG clusters can now be done as an in place upgrade, and works quite well.

https://support.checkpoint.com/results/sk/sk177714

All the best,

gto_gary

Olusegun_Adekun
Contributor
‎2024-01-14 04:30 AM
In response to gto_gary
Jump to solution

Hi Gary,

Thanks very much for the information. Much Appreciated.

Regards,

Olu

0 Kudos
John_Richards
Contributor
‎2024-02-13 08:33 AM
In response to gto_gary
Jump to solution

We have tried to upgrade a R81.10 Azure Cluster to R81.20. The upgrade was successful but all traffic stopped going through the FW. We could not ping any VM's behind the FW (we could before the upgrade). We rolled back to R81.10 and traffic started flowing. We were NOT on JHF T130 before the upgrade. We did an in place upgrade using the following package (azure_Check_Point_ivory_main_T631_R81.20_Gaia_3_10_Install_and_Upgrade.tar). I now see that there is a newer one (aio_Check_Point_ivory_main_T631_R81.20_Gaia_3_10_Install_and_Upgrade.tar).

1. Do you need to apply JHF 130 before upgrading to R81.20?

2. Does anyone know the difference between all these Azure releases (Ivory, aio etc). I would normally use the Blink package, which does work. All the various releases are available on support when you search for R81.20 azure downloads.

 

Thanks

0 Kudos
the_rock
Legend
Legend
‎2024-02-13 08:52 AM
In response to John_Richards
Jump to solution

I cant say if thats process for gateways these days in Azure, but my colleague and I never had to do it that way for mgmt server, just us actual upgrade image from the sk @gto_gary provided.

Best,

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-01-12 04:13 PM
Jump to solution

You are luck if you are doing it now, because back few months ago, only mgmt upgrade was possible, NOT gateways.

Best,

Andy

0 Kudos
Olusegun_Adekun
Contributor
‎2024-01-14 04:32 AM
In response to the_rock
Jump to solution

Hi the_rock,

 

I believe that am lucky.

Thanks,

Olu

0 Kudos
the_rock
Legend
Legend
‎2024-01-14 06:08 AM
In response to Olusegun_Adekun
Jump to solution

Well, makes it easier, for sure, rather than deploying brand new instance in parallel.

Best,

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top