[c-nsp] Nokia Firewall Clustering on 6500 Cisco Switches

Nick Kassel Nick.Kassel at Charles-Stanley.co.uk
Mon Sep 10 08:58:29 EDT 2007 

We have a new Cisco network in test which is using layer 3 routed access
design all switches are 6509, we are currently trying to test Nokia
Firewall clustering using IP forwarding. Does anyone have any experience
of this as we are currently having issues with the cluster. Our firewall
team seem to think that this may be an issue on the switches, as this
previously worked fine on our old Nortel environment. On each firewall
when running the cphaprob state command only the local firewall is shown
and not both cluster nodes however on the voyager GUI the cluster is
showing both nodes correctly.

We have disabled IGMP snooping as recommended from another forum and
this helped to display both nodes in voyager but not on the individual
firewalls. 

 

Firewall setup consists of 2 x Nokia IP 530 running Checkpoint NGX R61
with 4 physical network ports with vlans.

 

Any ideas or pointers would be greatly appreciated.

 

********************SAVE PAPER - THINK BEFORE YOU PRINT**************************************************

The information contained in this e-mail is strictly confidential, some or all of which may be legally privileged. 
Access to this e-mail by any person other than the recipient is prohibited. If you have received this message in
error, any use, disclosure, copying, printing, distribution of, replying to or any action taken or omitted to be
taken in reliance on this e-mail, is prohibited. Please advise the sender immediately should this e-mail have been 
incorrectly addressed or transmitted, and then delete the email and any attachment sent with it from your computer.

You are advised that urgent, time sensitive and confidential communications should not be sent by e-mail. You 
accept that any instructions are deemed to have been given at the time the recipient(s) accesses them and that 
delivery receipt does not constitute acknowledgement or receipt by the intended recipient(s). 

You acknowledge that e-mails are not secure and you accept the risk of malfunction, viruses, unauthorised 
interference, mis-delivery or delay. Charles Stanley reserves the right to monitor and/or record emails sent and
received via its network for any lawful business purpose in accordance with applicable law and regulations.
*******************************************************************************************************


Charles Stanley & Co. Ltd
Registered Office: 25 Luke Street London EC2A 4AR

Tel: 0207 739 8200 Fax: 0207 739 7798
Registered in England No. 1903304

Charles Stanley Sutherlands and Charles Stanley Securities are divisions of Charles Stanley & Co. Ltd  

Authorised and Regulated by the Financial Services Authority, Member of the London Stock Exchange, The 
International Capital Market Association and The London International Financial Futures & Options Exchange.

This footnote also confirms that this email message has been swept by McAfee VirusScan and SurfControl Email 
Filter software.

More information about the cisco-nsp mailing list