Solved

checkpoint cluster - prevent a failback

Posted on 2014-10-09
2
222 Views
Last Modified: 2014-11-03
Hi, we are having a checkpoint cluster with two members. Because the primary member has a problem and URL filtering doesn't work we stop it(cpstop) and failover to second member. The problem is that if we restart the primary member it gets the primary role and failback automatically. Is it possible to prevent this failback to primary member and keep staying on secondary.
0
Comment
Question by:dedri
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 12

Expert Comment

by:Fidelius
ID: 40412907
Which CheckPoint platform are you using and what version?

Without that information I can only suggest to switch roles (active/standby) between gateways, but for more details how, I need version and platform.
0
 
LVL 12

Accepted Solution

by:
Fidelius earned 500 total points
ID: 40412925
In a High Availability configuration, when the failed Gateway in a cluster recovers, the recovery method depends on the configured cluster setting. The options are:

-    Maintain Current Active Gateway means that if one machine passes on control to a lower priority machine, control will be returned to the higher priority machine only if the lower priority machine fails. This mode is recommended if all members are equally capable of processing traffic, in order to minimize the number of failover events.
-    Switch to Higher Priority Gateway means that if the lower priority machine has control and the higher priority machine is restored, then control will be returned to the higher priority machine. This mode is recommended if one member is better equipped for handling connections, so it will be the default gateway.

To give you more detailed instructions, I need platform and version.
0

Featured Post

Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Low ampere 10 119
How to become System Integration engineer 3 76
Routers to buy for MDT Multitasking 6 80
Basic nexus configuraton 12 25
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question