Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
shaikhniraj
Explorer

Both Active and secondary firewall showing as :Primary ("[4]1")

Hello,

 

We have checkpoint security gateway configured as HA cluster. Since last reboot its showing both the cluster members as primary when we try to run command  grep Primary "$CPDIR//registry/HKLM_registry.data"  it gives output as :Primary ("[4]1").

When we checked from HA smart dashboard it shows as below

 
 

x1.JPG

 x2.JPG

 

I am using R77.20

 

Can some one help me to fix this ?

It looks we need to force demote one primary but i am not sure how to do this as there is no such documentations available

Thanks,

Niraj

 

 

 

0 Kudos
5 Replies
_Val_
Admin
Admin

First, you are running a version which is out of support for a long time already. I would urge you to upgrade to one of R8x supported versions.

Secondly, you are confusing ClusterXL with Management HA. Unless you are running Full HA cluster, this menu is irrelevant. It looks to me, you only have one management server.

0 Kudos
shaikhniraj
Explorer

Hello Val,

 

Thanks for the response.

Yes I am aware that version which i am running is older and out of services but i can not do a upgrade as the hardware is quite older and replacement is only option which can not be done at the moment.

Yes we were running full HA cluster and were able to do sync and do switch to sandby/active via that menu. 

Management logs shown error to use as below for few day 

"General Information: Multiple active Security Management Servers detected"

 

Then it showed the error as " General Information: No active Security Management Server detected"

Since then it was started showing us error in HA Management and if we take one firewall down it does not switch to secondary as both firewall thinks they are primary as i believe.

Not sure if we can fix this config to make sure one works as primary and second as secondary.

 

Regards,

Niraj

 

 

 

0 Kudos
_Val_
Admin
Admin

There is a button, "change to secondary". Push it on one that is supposed to be secondary and see what happens.  There is some sort of corruption in your case, and it is impossible to say what went wrong without a proper debug.

I would suggest you to open a service request, but since you are running without it, I guess it is not an option for you.

0 Kudos
shaikhniraj
Explorer

Hello Val,

Can you confirm which button you are talking about ? Is that physical button on device or its in Smart dashboard? 

I have checked Smartdashboard and cant find any such option,

0 Kudos
_Val_
Admin
Admin

I was referring to one mentioned above, from HA SmartDashboard Pop-up. It only works if you have peers appearing in the menu. If you still do not have any peers mentioned there, please go to TAC and run as a support case with them

0 Kudos