I would like to request Checkpoint to provide more sk's with different scenarios specially regarding HA in Azure.
The only sk that most of the guys point to is "How to deploy checkpoint cluster in Azure" which is a good platform to cover most of the stuff (Because I see lot of folks running into issues with creds or service account related issues) but there are some scenarios which the sk does not cover.
Example: I deployed a vsec cluster in Azure according to the sk and my HA test script came back with "All tests are successful". One day suddenly the service account used for the HA has initiated an API call to Azure to point all the routes to the standby node and standby node is still in standby according to cphaprob state. So all the traffic stopped passing the firewall. I dont know the command like clusterxl_admin up in an Azure enviroment, so I had to change the priority in the dashboard and push policy.
My questions are:
1) Why the API call was triggered automatically ? what caused it?
2) Why did the failover fail even after the tests are successful ?
3) Is there any command to generate a failover in Azure gateways (Except shutting down an interface) ?
Please correct me if I am wrong.