PROBLEM
The following error message occurs when pushing firewall policy to clusters.
There is only one interface defined for object . At least one more interface must be configured for this object in order to use the Anti-Spoofing feature.
The Gateway Cluster Properties is as follows:
Basically, there are two main options in configuring Check Point Cluster.
In order to configure Check Point with High Availability (HA) solution, we need to have two identical Check Point machine. Since everything is created in VirtualBox, creating another identical machine is so easy. Just right click on the machine that you wish to copy, and click Clone. You can also use the combination of Ctrl+O to clone it.
Now you already have two identical Check Point machine. Everything is copied exactly as a parent machine including IP Address. Therefore, the first thing you need to do is to change IP Address as it will cause IP conflict issue if both of them are located in the same network. Use sysconfig menu to change IP Address of the Check Point box. Please refer to the link below how to do it.
UPDATE – APRIL 20, 2012 How to change IP Address in Check Point firewall
Once everything is ready, follow the following steps in configuring Check Point Cluster with High Availability solution:
STATUS – April 18, 2012
Currently, I’m still reading the User Guide in figuring out what to do next. :).
I also discussed this matter in CPUG forum to get help from Check Point expert there.
I’ll update this post once I’ve knew what to do in completing HA setup in Check Point cluster
SIMILAR ISSUE
https://www.cpug.org/forums/installing-upgrading/938-clusterxl-win2003-splat.html
A Firewall Engineer 