Solved

checkpoint cluster - prevent a failback

Posted on 2014-10-09
2
221 Views
Last Modified: 2014-11-03
Hi, we are having a checkpoint cluster with two members. Because the primary member has a problem and URL filtering doesn't work we stop it(cpstop) and failover to second member. The problem is that if we restart the primary member it gets the primary role and failback automatically. Is it possible to prevent this failback to primary member and keep staying on secondary.
0
Comment
Question by:dedri
  • 2
2 Comments
 
LVL 12

Expert Comment

by:Fidelius
ID: 40412907
Which CheckPoint platform are you using and what version?

Without that information I can only suggest to switch roles (active/standby) between gateways, but for more details how, I need version and platform.
0
 
LVL 12

Accepted Solution

by:
Fidelius earned 500 total points
ID: 40412925
In a High Availability configuration, when the failed Gateway in a cluster recovers, the recovery method depends on the configured cluster setting. The options are:

-    Maintain Current Active Gateway means that if one machine passes on control to a lower priority machine, control will be returned to the higher priority machine only if the lower priority machine fails. This mode is recommended if all members are equally capable of processing traffic, in order to minimize the number of failover events.
-    Switch to Higher Priority Gateway means that if the lower priority machine has control and the higher priority machine is restored, then control will be returned to the higher priority machine. This mode is recommended if one member is better equipped for handling connections, so it will be the default gateway.

To give you more detailed instructions, I need platform and version.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing password for HP switch 5 66
Network Switches 3 42
Adnexus.net keeps getting hit from OpenDNS 12 55
TLS 1.0 & Windows 7 - How to disable? 16 107
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question