Create a Post
Showing results for 
Search instead for 
Did you mean: 

CP Firewall ClusterXL

Hi Guys,

I would like to ask is it possible for CP firewall to have port channel interfaces for the failover link? I mean connected back-to-back of the two CP firewall? 

I've checked over the internet but I always saw the Administration Guide which tells only that it needs to connect using a switch.

In addition, if I am deployed under ClusterXL, does all aspect of the firewall config will be replicated from active to standby?


0 Kudos
1 Reply

If by "failover link" you mean sync interface, the answer is yes on both counts:

1. You can interconnect  sync interfaces with a cable directly

2. You can use a bond interface for synchronization

The rest of the questions are answered in the documentation: 

1. ClusterXL R80.10 (Part of Check Point Infinity) Administration Guide 
2. ATRG: ClusterXL 

Please also refer to Recommended configuration for ClusterXL