TABLE OF CONTENTS If a simple HA cluster solution is required for the Nokia platform, a VRRP configuration should be considered. In this section, we provide an overview of the VRRP protocol, how to configure it on IPSO, and how to configure FireWall-1 NG FP3 for a VRRP cluster. We ll then talk about how you can test the cluster and go over any special considerations that you need to keep in mind when using a cluster.
To configure a Nokia VRRP cluster, you need to take the following steps:
Configure the interfaces of a Nokia.
Configure FireWall-1.
Configure VRRP in Voyager.
We assume that you have installed IPSO 3.6 on your Nokia and that you have the Check Point FireWall-1 NG FP3 package installed and configured. As with setting up all clusters, it is recommended that you complete and test the physical connectivity first so that any problems that you encounter later aren t due to a misconfigured switch or interface, because these could be difficult to spot later.
In Figure 6.76, you can see an example Nokia VRRP configuration. It is a VRRP Monitored Curcuits configuration. This is the most common configuration and it is this flavor of VRRP that we will consider throughout this section. Plenty of the information shown won t make much sense yet, so just look at the topology and IP addresses for now.
Unlike Nokia clustering, a VRRP configuration does not require a...
