Solved

Nokia IP260 High Availablity

Posted on 2007-03-26
2
829 Views
Last Modified: 2013-11-16
I have got the job of setting up two Nokia IP260s in a high availability (either active-passive or active-active), my main experience is with Checkpoint only (on SPLAT/Windows). I have looked through some docs on setting up IPSO for HA but it's not that clear. I want someone with experience of doing this to do write a description of the process of setting this up (the easiest and simplest way possible to achieve HA and get CP up and running). Also:

Am I right in thinking IPSO is solely responsible for the HA? and that the only config CP needs is to allow multicast between the devices?

Whats the process of installing CP on them?

Can the connections between the devices be a crossover cable?  (the sync network)

thanks in advance
0
Comment
Question by:ma77smith
2 Comments
 
LVL 8

Expert Comment

by:charan_jeetsingh
ID: 18813380
Ur second Q first (Am I right in thinking IPSO is solely responsible for the HA? and that the only config CP needs is to allow multicast between the devices? ) : NO, The Chekpoint has to be configured simultaneously for making a complete fully functional Cluster.

Q : Whats the process of installing CP on them? : get the CP_ipso package. Upload it on the flash through nokia voyager and install it from there. :).. also check for the latest hotfixes for that version.

Q : Can the connections between the devices be a crossover cable?  (the sync network)  ---> i will say avoid that. It will work but i dont know the reason why somtimes this way cluster goes out of sync and starts misbehaving.

Regarding your first Q : where are u getting confused? its a bit lengthy and i am very lazy to type so i will focus on where exactly u are getting stuck....
0
 
LVL 4

Accepted Solution

by:
nstand earned 500 total points
ID: 18849885
You have a couple of choices, either setup Clustering using ClusterXL or my recommendation would be to setup simple active-passive failover using VRRP on the Nokia IPSO boxes. This method just requires a standard install of CheckPoint on the IPSO platform (no ClusterXL required). Once you have 2 IP platforms running IPSO then you setup and configure VRRP (monitored circuits rather than VRRPv2). You will need a sync network/cable which you dont include in the VRRP setup. Read the IPSO documentation on VRRP setup, its very good and straight forward.
0

Featured Post

Watch Anatomy of a Wi-Fi Hack On-Demand

In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MitM to wreak havoc on your network. View our Wi-Fi Expert in an on-demand episode of our Secure Wi-Fi mini-series as he explores the motives, execution, and anatomy of a Wi-Fi hack.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question