Technical data

Managing VSX Clusters
Check Point VSX Administration Guide NGX R67 | 98
TCP: https (secure http) traffic
Configuring the Cluster Security Policy
1. Allow: Enable a rule to allow traffic for those services for which you wish to allow traffic. Clear a rule to
block traffic. By default, all services are blocked.
For example, you may wish to allow UDP echo-request traffic in order to be able to ping cluster
members from the management server.
2. Source: Click the arrow and select a Source Object from the list. The default value is *Any. Click New
Source Object to define a new source. Refer to the online help and the R75 Security Management
Administration Guide (http://supportcontent.checkpoint.com/documentation_download?ID=11667) for
further details.
Completing the Wizard
1. Click Next to continue and then click Finish to complete the VSX Cluster wizard. Please note that this
may take several minutes to complete. A message appears indicating successful or unsuccessful
completion of the process.
If the process ends unsuccessfully, click View Report to view the error messages. Refer to the
troubleshooting steps ("VSX Diagnostics and Troubleshooting" on page 179) for more information
2. After the wizard finishes, make certain that the Use State Synchronization option is enabled in the
ClusterXL branch of the VSX Cluster Properties window.
Modifying a Cluster Definition
Once you create a cluster using the wizard, you can modify the topology and other parameters using the
VSX Cluster Properties window. This window also allows you to configure many advanced features not
available with the wizard.
To work with a VSX cluster definition, double-click on the cluster object in the SmartDashboard Object Tree.
The VSX Cluster Properties window opens, showing the General Properties page.
Most cluster objects and properties can be defined using the SmartDashboard GUI. Several definitions,
however, require CLI commands, while others may be performed using either method.
A brief explanation for each of the definition pages follows. More detailed explanations for features that are
not specific to VSX (NAT, IPS, VPN, etc.) are available in the online help or in the appropriate product
Administration Guide.
Modifying Cluster Properties
Once you create a cluster using the Wizard, you can modify its topology and other parameters using the
VSX Cluster Properties window. This window also allows you to configure advanced features that are not
available with the wizard.
To work with a VSX cluster definition, double-click on the VSX gateway object in the SmartDashboard
Object Tree. The VSX Cluster Properties window opens, showing the General Properties page.