when you setup VRRP you want to setup assure that each individual interface
has the router ID such as an interface that is on the 10.36.1 network should
have the same router ID on both firewalls for that network.
you want to make sure that if the primary has a priority of 100 and the fail
over box is 90 that you have a delta of 15.
so for each interface that has vrrp setup you want to assure that the other
interfaces that are vrrp monitor each other. Not the sync interfaces though.
that way if an interface, switch or a wire fails they will fail over.
I have seen it though if you have the radio button for monitor firewall
checked it will not fail over until the cp firewall fails.
Plus assure that you have gone into cpconfig and enabled sync
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
