Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Mark_Tremblay
Explorer

how to convert a standalone vsx gateway into a vsx cluster

Hello,

 

We currently have a standalone VSX gateway in production and we recently purchased another of the same hardware appliance and would like to now create a VSX cluster with these two appliances.  In the installation and upgrade guide, it states you need to enable clusterxl and make the gateway part of a cluster during the installation.  Is it possible to create a new vsx cluster object and add the already deployed standalone vsx gateway into this new cluster?  We are on R80.30 take 228.  Any info would be greatly appreciated.

 

thanks,

 

Mark

0 Kudos
(1)
6 Replies
HeikoAnkenbrand
Champion Champion
Champion

Hi @Mark_Tremblay 

LAB environment :
1) Creat new a VSX ClusterXL HA or LS with one new gateway
2) Creat the new VSX instances on the VSX ClusterXL (FW, Switch, Router)
3) Add the same Interfaces to the VSX instances (just like the old vsx gateway solution)
4) Install the old policy on the new VSX instances

Productive environment (You need a maintenance window!):
5) Disable the switch ports of the old VSX Gateway.
6) Enable the switch ports of the new VSX cluster interfaces in the production environment.

Last step:
7) Reinstall the old single VSX gateway
8 ) Add the gateway as a second VSX gateway to the VSX clusterXL object

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos
Mark_Tremblay
Explorer

Thanks for the reply!  So basically we need to create a new VSX cluster with the new appliance, cut over to the new cluster then wipe the standalone and reinstall it as a cluster VSX appliance and add it to the new Cluster.   Correct?

0 Kudos
Mark_Tremblay
Explorer

I'm stuck on the first step.  It won't let me create a VSX cluster with only 1 gateway?  Is there a workaround to build a VSX Cluster with only 1 gateway?

0 Kudos
sudhir_mirajkar
Participant

Hi,

i have the same issue, did you managed to get around this?

thanks,

Sudhir M

0 Kudos
Mark_Tremblay
Explorer

Hi Sudhir,

We had to create a temporary open server gateway to act as the second gateway to create the cluster.  Once we built the cluster, we then reset the old gateway and added it to the cluster and removed the temp open server gateway.  It was a pain but it did the trick.

0 Kudos
sudhir_mirajkar
Participant

thanks Mark for reply..

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events