Additional Information

Testing and Troubleshooting

You can use the APIs to retrieve information about the cluster resource group.

Use these commands on each Cluster Member to confirm that the cluster operates correctly:

Use the cluster configuration test script on each Cluster Member to confirm it is configured correctly:

Using the Azure High Availability Daemon

The cluster solution in Azure uses the daemon to make API calls to Azure when a cluster failover takes place. This daemon uses a configuration file $FWDIR/conf/azure-ha.json on each Cluster Member.

When you deploy the solution above from the template supplied, this file is created automatically.

The debug output is written to $FWDIR/log/azure_had.elg* files.

Using a Different Azure Cloud Environment

If you want to deploy your cluster in an environment other than the standard Azure environment, make sure to edit this file:

$FWDIR/conf/azure-ha.json

Important note about the service principal:

If you use any of these different environments, you have to create your own service principal. No default service principal is created.

Working with a Proxy

In some deployments, you can only access the Internet through a web proxy.

Changing Template Components

The Check Pointcluster's public IP address has to be in the same resource group as the Cluster Members.

Creating Objects in SmartConsole

For more information, see the Check Point Security Management Administration Guide for your Management Server version (for example: R80.10, R80.20).

Important - After you create an object, you must publish the session to save the changes in the management database.

Related Solutions

Upgrading a Check Point CloudGuard IaaS High Availability Solution to a Newer Version

Upgrade a Check Point Cluster Solution to the CloudGuard IaaS High Availability Solution

 

 

CloudGuard IaaS High Availability for Azure R80.10 and Above Deployment Guide