Alteon Switched Firewall 6000 Installation - Final

Posted On Oct 31, 2008 at at 5:57 PM by Dophi  

    The installation of NSF is a long way but it's done in this part. The final step of installation is creating a CheckPoint cluster.

1. Create a gateway cluster: Right click on the CheckPoint object and select "New CheckPoint" → "VPN-1 Power/UTM Cluster"


cluster_thumb[2]

2. Setup the name and IP address of cluster: The IP address is the MIP address (10.1.1.5) I created during the initial of NSF. Check "Firewall" and "VPN" and uncheck "ClusterXL". Change OS to Linux.

clu ip_thumb[1]

3. Add Firewall Directors as cluster members: Click on the Cluster Members tab and add gateways.

add gate to clu_thumb[1]

4. Add gateways as cluster members: Select two gateways to be cluster members.

member

5. Click on the 3rd Party Configuration tab to specify 3rd party solution: Select "Load Sharing". In the description of official document, High Availability is not supported on NSF 6000 but actually works.

load

6. Edit the topology for NSF Cluster: Click the Topology tab and edit the topology.

clu topo

7. Edit the interface IP address and type: Every interfaces should be assigned as "Cluster" in Network Objective except sync interface. The sync interface should be selected as "1st Sync". In addition, manually setup the IP address of each interface.

clu inter

8. Change the maximum concurrent connections: Similar with the previous step, change the maximum concurrent connections to 500,000.

capa clu

 

10. Close the Gateway Cluster Properties and Network Objects windows, click Ok and
close.

10. Install the policy on the cluster: From the SmartDashboard menu bar, select Policy >
Install… and click OK on the Install Policy window.

clu int succ

The basic NSF installation is done.

Posted in Labels: , , , |

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)