Create a Post
Showing results for 
Search instead for 
Did you mean: 

Cluster XL error applying policies


I'm trying to setup a clusterXL with two checkpoint firewall 12000series.

I'm getting some errors applying policies.

the following error is:

There is only one interface defined for object XXXXX. At least one more interface must be configured for this object in order to use the Anti-Spoofing feature.

At this moment it is affecting all my VSX when we tries a policy installation with virtual IP as Sync.

We have a Sync interface with the name bond0 with topology "this network".

We have Internal Network with the name bond1.29 with topology "this network".

We have mgmt interface with the name mgmt with topology "external" with virtual IP as Private.

All interfaces have anti-spoofing active. If we remove it will should resolved this issue ? do we need to configure other interface, with topology ?


Many thanks


0 Kudos
2 Replies

Please explain what you mean by "policy installation with virtual IP as Sync."
Perhaps screenshots of the relevant objects might be helpful.
0 Kudos


sorry forget with virtual IP as Sync, bad copy paste.

It is working. The topology wasn't get correct to the management.

After a reboot to the management we were able to get the correct topology.

We have a new firewall cluster but the external interface was not getting on topology and for that reason we were unable to apply policies in others vsx context.

After the reboot and get a again the topology correctly we were able to install policies on the several firewall context

Thank you very much for the help.



0 Kudos