Create a Post
Showing results for 
Search instead for 
Did you mean: 

Hardware Check Point 21400 (in cluster)R.80.20 replacement with Check Point 7000 (in cluster)R.81.10

Dear Checkmates,

I am currently planning a HW swap from CP 21400 to CP 7000.
The old cluster (21400) is still active and the replacement is planned in the maintenance window, where it is desirable to have no downtime.

I planned to perform the replacement using the following steps:

1. Configure the new 7000 backup node (interfaces and routes) the same as 21400 backup (not active node)
2. Turn off 21400 and start a new backup node 7000. (change version in SmartConsole, establish a SIC, install the policy on new node, etc). As a note> I'm using MDS which is running on version R81.10 so, there,  I am compatible with the new GW version)
3. Force a failover from the old 21400 Primary to the new 7000 backup so that it can take over the traffic and then do the swap without downtime.
4. Repeat the above with the old 21400 primary and the new 7000 primary.

It's theoretically easy, but now the questions follow, so I'm asking for your experiences/recommendations.

GWs 21400 and 7000 have completely different interfaces, as well as versions (R80.20 vs. R81.10)

Will the new 7000 backup node manage to form a cluster with the old 21400 primary (taking into account different OS versions as well as interfaces), so that I would be able to do Cluster failover to the new 7000 backup.

I am asking for your recommendations so that I can perform this without downtime, as it is a FW cluster that needs 0-24 to be UP.

Thanks in andvance!

0 Kudos
1 Reply

Did this with customer over the weekend, worked like a charm, if you follow it, I guarantee you wont have any issues.

Solved: Replace/Upgrade Cluster - Check Point CheckMates

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events