Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Tom_Kendrick
Employee
Employee

Building ElasticXL in R82 walk through (with videos)

I have created a series of videos that talk through ElasticXL (and later rebuilt with VSNext). 

In this group of videos, you will see: 

1)Running the first time wizard and setting up ElasticXL

2) Talk through of the webUI/CLI and some basic options

3) Setup interfaces and VLANs, establish SIC 

4) Look at the new tool - Insights, and adding a new member

5) Wrap up with 2 members and the show cluster command

 

(3)
5 Replies
the_rock
Legend
Legend

Wow, thats extremelly helpful.

Andy

0 Kudos
PhoneBoy
Admin
Admin

Nicely done!

0 Kudos
Magnus-Holmberg
Advisor

Nice videos 🙂

Could you add a network diagram on how this setup actually is.

So when am checking the documentation its refering to having the MGMT station be able to connect to the MAG interface, so very similar to VSX VS0.

However MAG interface dose not have a virtual IP.
In ClusterXL he drawings and education material was always to have the MGMT station and smartconsole machine behind the Gateway to protect it.

But when not having virtual IP on this MGMT VLAN to be used as default GW for the MGMT station,
what is check point recommended design when a customer have 1 cluster? 

Regards,
Magnus

https://www.youtube.com/c/MagnusHolmberg-NetSec
0 Kudos
Tom_Kendrick
Employee
Employee

Hi Magnus, in this setup it's in an isolated lab, so Mgmt is on the same subnet as the MAGG, and Breaking Point connected to the data interfaces.

In the lab prod gw, the Mgmt MAGG does have a VIP (think like Maestro Mgmt), and I didnt want to change the MDS (as it's used for other things), so I added a different IP/subnet to the Mgmt IP on the new EXL hardware migrating to it. 

The GW object was changed to use the EXL MAGG "VIP" (IP) as the object IP - of course updated interfaces/vlans/bonds too, and I am just routing through the EXL group on one VLAN, to get to the MAGG interface on the other side and back again. Alternatively I could have used a VRF/SVI, but seems OK so far.

I was able to swap over to EXL fine, and added an additional member too.

 

Tom

0 Kudos
Paul_Grigg
Employee
Employee

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events