Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
RioAung
Contributor

HA in single VLAN of L2 switch

 

Hi ,

I am newbie in checkpoint .I would like to know can i deploy two HA in one single VLAN ?

Let me know technically issue for CCP ? if we are using VRRP we only need to change VRRP priority or group right?

CCP can do like below ?

 

HA.jpg

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

Yes.
Depending on the version you may need to take some additional configuration steps (specifically changing the Cluster_ID).
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...,

RioAung
Contributor

Hi,

let me know it is also support on SMB appliance ?

0 Kudos
PhoneBoy
Admin
Admin

If the SMB appliances are managed by an external manager, then the SK still applies, I believe.
For locally managed SMB appliances, not entirely sure and you may have to manually tweak the fwha_mac_magic and
fwha_mac_forward_magic variables.
Might need to engage TAC for this.

Marcel_Gramalla
Advisor

Since R80.40 this is no problem att all withour any modifications as the CCP changed to unicast by default. See the sk from PhoneBoy and:

  • This article is no longer relevant to versions R80.40 and higher.
  • This article is not relevant for Gaia Security Gateway with kernel version 3.10.
RioAung
Contributor

Hi ,

This mean R80.40 and above is no issue in same vlan ,correct ?

0 Kudos
Marcel_Gramalla
Advisor

Correct. I'm currently writing you through such a setup 😁 To be sure just check the first cluster with "cphaprob -a if" and on the top you will see the current CCP mode. 

0 Kudos