Print Download PDF Send Feedback

Previous

Next
Cluster Interface Configuration

In the Cluster Interface Configuration window, you define if a network interface on the Check Point Appliance is part of the security gateway cluster. This window shows for each network interface that was configured in the Check Point Appliance. The total number of interfaces configured for the gateway shows in the window title. For example, if 3 interfaces are configured for the gateway, a total of 3 windows require configuration. The first window displays (1 of 3 interfaces). The name of the interface you are currently configuring shows in the Interface column.

Each network interface (on both members) has a unique IP address. If High Availability is enabled on the interface, then the cluster requires an additional unique virtual IP address. This IP address is visible to the network and ensures that failover events are transparent to all hosts in the network.

When High Availability is not enabled, the interface is considered not-monitored private (it is not cluster related).

You can configure High Availability for all network interfaces except for the WAN interface. By default, the WAN interface is always part of the cluster. If you do not want the WAN interface to be part of the cluster, double-click on the Check Point Appliance security gateway cluster object, and select Topology node > Edit Topology.

If the WAN interface was not defined, edit the Cluster object in SmartDashboard with the wizard and select a correct main IP for the cluster object. (This IP is used, for example, in VPN as one of the Link selection options).

The breadcrumb image at the top of the window shows you the interface you are currently configuring. You do not configure the LAN2 interface as it is automatically configured by the wizard and is used only for the SYNC interface. Make sure a cable is connected between the two LAN2/SYNC ports of both appliances.

Note - SYNC interface is only supported with IPv4 addresses.

The image at the bottom of the page shows if the interface is set for High Availability. When you configure High Availability, the physical IPs of both members meet at a point indicated by the cluster's virtual IP address.

To configure more advanced options for interfaces:

  1. Click Edit Cluster in Advanced mode at the end of the wizard.
  2. Edit the topology of the cluster and make the necessary changes.

    Note - Cluster in bridge in Active/Standby mode is supported in 1200R and 1400 appliances.

22 February 2018 © 2018 Check Point Software Technologies Ltd. All rights reserved.