This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jon_Moss
Participant
‎2020-05-14 04:06 AM

ClusterXL issues after carrying out steps in sk43807

Hi all, recently installed a new installation of R80.40 - one mgmt server, two g/ways in a cluster (clusterXL) - we have had an issue since the start retrieving IPS update, anti-bot, NTP from the passive gateway.  If you switch them around then the issue remains on the passive so it's not policy.  Digging around on these forums lead me to try the steps listed in sk43807 - https://community.checkpoint.com/t5/Enterprise-Appliances-and-Gaia/Connectivity-issues-from-standby-...

as this appeared to help others (albeit on R80.30).  Whilst it has indeed resolved the issue of the updates, time sync etc to the passive gway.  An unexpected side affect is that clusterXL is not working correctly.

 

I also cannot now connect to the web interface of the passive node, it does not time out or error - it just hangs when attempting to connect.    I have rebooted the passive gateway and it had no affect. 

Output below from the cli, which is still reachable: -

cphaprob stat

Cluster Mode: High Availability (Active Up) with IGMP Membership

ID Unique Address Assigned Load State Name

1 (local) 10.0.110.2 0% INIT SSSLFW02-pri
2 10.0.110.3 100% ACTIVE SSSLFW02-sec


Active PNOTEs: IAC, HAINIT

Last member state change event:
Event Code: CLUS-112101
State change: INIT
Reason for state change: FULLSYNC PNOTE
Event time: Thu May 14 11:38:05 2020

Cluster failover count:
Failover counter: 0
Time of counter reset: Tue May 5 14:06:38 2020 (reboot)


[Expert@SSSLFW02-pri:0]# cphaprob -i list

Built-in Devices:

Device Name: Interface Active Check
Current state: problem (non-blocking)

Device Name: HA Initialization
Current state: initializing

 

any help appreciated

 

5 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events