Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Shehan_Wickrama
Collaborator

Checkpoint Standby Cluster is using VIP to communicate with outside

Hello Guys,

We have a checkpoint 15400 appliance clustered and we are having an issue with the standby cluster member.

  • We cannot ping our default gateway from the standby member but we can ping the same with our active member.

We noticed that our standby cluster member is using the virtual IP to communicate with outside instead of its own IP

Note: This issue started yesterday earlier it was working fine .

Any way to resolve this?

Thanks in advance.

5 Replies
AlekseiShelepov
Advisor

I would suggest to try fwha_forw_packet_to_not_active, a magical parameter:

Problem accessing standby cluster member from non-local network 

Try with just entering # fw ctl set int fwha_forw_packet_to_not_active 1 on both nodes, and if it hepls, enable on permanent basis in fwkern.conf.

Shehan_Wickrama
Collaborator

Hey did that in the first place didn't workout. Any other suggestions?

0 Kudos
Shehan_Wickrama
Collaborator

Thank you for replying Aleksei mentioned the same discussion article so i checked it but it didn't work.

0 Kudos
Mike_A
Advisor

Does this issue have to do with your NAT configuration? Are you NAT'ing everything behind the cluster address as it is being sent out to the internet? Also here is another SK sk107432

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events