Adding a VSX Cluster

Description

This command lets you add a new VSX Cluster object.

Syntax

add vsx type cluster name <Object Name> version <Version> main_ip <Main Virtual IPv4 Address> main_ip6 <Main Virtual IPv6 Address> cluster_type {vsls|ha|crbm} sync_if_name <Sync Interface Name> sync_netmask <Sync Interface Netmask> [rule_snmp {enable|disable}] [rule_snmp {enable|disable}] [rule_ssh {enable|disable}] [rule_ping {enable|disable} [rule_ping6 {enable|disable}] [rule_http {enable|disable}] [rule_drop {enable|disable}]

Important - You must run the add vsx_member command for each VSX Cluster Member in the same transaction as the add vsx command.

Parameters

Parameter	Value	Notes
`type`	`cluster`	You must use the `cluster` value to add a new cluster object.
`name <`Object Name`>`	Object name	Specifies the name of the VSX Cluster object. You cannot use spaces of Check Point reserved words.
`version <`Version`>`	Check Point version	Specifies the Check Point version of the VSX Cluster object. You must enter the exact version as appears in SmartConsole (case-sensitive).
`main_ip <`Main Virtual IPv4 Address`>`	IPv4 Address	Specifies the main IPv4 Virtual Address of the VSX Cluster object.
`main_ip6 <`Main Virtual IPv6 Address`>`	IPv6 Address	Specifies the main IPv6 Virtual Address of the VSX Cluster object.
`cluster_type {vsls \| ha \| crbm}`	Cluster type	Specifies the cluster type. Enter one of these: `vsls` - Virtual System Load Sharing mode `ha` - High Availability mode `crbm` - X-Series appliances (former BlueCoat / Crossbeam)
`sync_if_name` <Sync Interface Name`>`	Sync interface name	Specifies the name of the Cluster Synchronization interface.
`sync_netmask <`Sync Interface Netmask`>`	IPv4 Network mask	Specifies an IPv4 Netmask for the Cluster Synchronization interface (in a dot-quad format X.X.X.X).
`rule_snmp {enable \| disable}`	`enable` `disable`	Controls how to process all SNMP packets sent to the VSX Cluster Members: `enable` - Allows all SNMP packets `disable` - Drops all SNMP packets (default)
`rule_ssh {enable \| disable}`	`enable` `disable`	Controls how to process all SSH packets sent to the VSX Cluster Members: `enable` - Allows all SSH packets `disable` - Drops all SSH packets (default)
`rule_ping {enable \| disable}`	`enable` `disable`	Controls how to process all ICMP Echo Request (ping) packets sent to the VSX Cluster Members: `enable` - Allows all IPv4 ping packets `disable` - Drops all IPv4 ping packets (default)
`rule_ping6 {enable \| disable}`	`enable` `disable`	Controls how to process all ICMPv6 Echo Request (ping) packets sent to the VSX Cluster Members: `enable` - Allows all IPv6 ping packets `disable` - Drops all IPv6 ping packets (default)
`rule_https {enable \| disable}`	`enable` `disable`	Controls how to process all HTTPS packets sent to the VSX Cluster Members: `enable` - Allows all HTTPS packets `disable` - Drops all HTTPS packets (default)
`rule_drop {enable \| disable}`	`enable` `disable`	Controls how to process all packets (other than SNMP, SSH, ICMP, ICMPv6, HTTPS) sent to the VSX Cluster Members: `enable` - Drops all other packets (default) `disable` - Allows all other packets

Example

vsx_provisioning_tool -s localhost -u admin -p mypassword -o add vsx name VSX1 type cluster cluster_type vsls main_ip 192.168.1.1 version R80.10 sync_if_name eth3 sync_netmask 255.255.255.0 rule_ssh enable rule_ping enable