Print Download PDF Send Feedback

Previous

Next

Installing Full High Availability Cluster

Workflow:

  1. Install the first Cluster Member of the Full High Availability Cluster that runs the Primary Security Management Server.
  2. Install the second Cluster Member of the Full High Availability Cluster that runs the Secondary Security Management Server.
  3. Connect the synchronization interfaces on both appliances.
  4. Configure the Full High Availability Cluster object in SmartConsole.

Step 1 of 4: Install first Full High Availability Cluster Member that runs the Primary Security Management Server

Step

Description

1

Install the Gaia Operating System:

2

Run the Gaia First Time Configuration Wizard.

3

During the First Time Configuration Wizard, you must configure these settings:

  • In the Installation Type window, select Security Gateway and/or Security Management.
  • In the Products window:
    1. In the Products section, select both Security Gateway and Security Management.
    2. In the Clustering section:
      • Clear Unit is a part of a cluster, type.
      • In the Define Security Management as field, select Primary.
  • In the Security Management Administrator window, select one of these options:
    • Use Gaia administrator
    • Define a new administrator and configure it
  • In the Security Management GUI Clients window, configure the applicable allowed computers:
    • Any IP Address - Allows all computers to connect
    • This machine - Allows only the single specified computer to connect
    • Network - Allows all computers on the specified network to connect
    • Range of IPv4 addresses - Allows all computers in the specified range to connect

4

In your web browser, connect to the Gaia Portal at:

https://<IP address of Gaia Management interface>

5

In the left navigation tree, click Network Management > Network Interfaces.

Configure all required interfaces with applicable unique IP addresses.

6

Install the R80.20 SmartConsole.

Step 2 of 4: Install second Full High Availability Cluster Member that runs the Secondary Security Management Server

Step

Description

1

Install the Gaia Operating System:

2

Run the Gaia First Time Configuration Wizard.

3

During the First Time Configuration Wizard, you must configure these settings:

  • In the Installation Type window, select Security Gateway and/or Security Management.
  • In the Products window:
    1. In the Products section, select both Security Gateway and Security Management.
    2. In the Clustering section:
      • Clear Unit is a part of a cluster, type.
      • In the Define Security Management as field, select Secondary.
  • In the Secure Internal Communication window, enter the desired Activation Key (between 4 and 127 characters long).

4

In your web browser, connect to the Gaia Portal at:

https://<IP address of Gaia Management interface>

5

In the left navigation tree, click Network Management > Network Interfaces.

Configure all required interfaces with applicable unique IP addresses.

Step 3 of 4: Connect the synchronization interfaces on both appliances

Step

Description

1

Connect a cable between the synchronization interfaces on both appliances.

See the R80.20 ClusterXL Administration Guide - Chapter ClusterXL Requirements and Compatibility - Section Supported Topologies for Synchronization Network.

2

In your web browser, connect to the Gaia Portal on both appliances.

3

In the left navigation tree, click Network Management > Network Interfaces.

4

In the top right corner, click the Configuration button.

5

Make sure the Link Status on the synchronization interfaces is Up.

6

In the top right corner, click the Monitoring button.

7

Click Refresh every several seconds.

These counters must increase:

  • Rbytes
  • Rpackets
  • Tbytes
  • Tpackets

Step 4 of 4: Configure the Full High Availability Cluster object in SmartConsole

Step

Description

1

Connect with SmartConsole to the Full High Availability Cluster Member that runs the Primary Security Management Server.

2

In the Security Cluster wizard, click Next.

3

Enter the name of the Full High Availability Cluster object.

4

Click Next.

5

Configure the settings for the Full High Availability Cluster Member that runs the Secondary Security Management Server:

  1. In the Secondary Member Name field, enter the hostname that you entered during the First Time Configuration Wizard.
  2. In the Secondary Member Name IP Address field, enter the IP address of the Gaia Management Interface that you entered during the First Time Configuration Wizard.
  3. Enter and confirm the SIC Activation Key that you entered during the First Time Configuration Wizard.

6

Click Next.

7

Configure the IP address of the paired interfaces on the appliances.

Select one of these options:

  • Cluster Interface with Virtual IP - Enter a Cluster Virtual IP address for the interface.
  • Cluster Sync Interface - Configure the interface as the synchronization interface for the appliances.
  • Non-Cluster Interface - Use the configured IP address of this interface.

8

Click Next.

9

Repeat Step 7 for all the interfaces.

10

Click Finish.

11

Install policy on the primary. Only after policy install can the primary sync with the secondary.

For more information, see the:

15 March 2020
Was this helpful?
Incorrect information Not what I'm looking for Too much information Confusing information
© 2020 Check Point Software Technologies Ltd. All rights reserved.