John is the Mega Corp Security Administrator, and is using Check Point R70. Malcolm is the
Security Administrator of a partner company and is using a different vendor’s product and both
have to build a VPN tunnel between their companies. Both are using clusters with Load Sharing
for their firewalls and John is using ClusterXL as a Check Point clustering solution. While trying to
establish the VPN, they are constantly noticing problems and the tunnel is not stable and then
Malcolm notices that there seems to be 2 SPIs with the same IP from the Check Point site. How
can they solve this problem and stabilize the tunnel?
A.
This can easily be solved by using the Sticky decision function in ClusterXL.
B.
This can be solved by running the command “Sticky VPN” on the Check Point CLI. This keeps
the VPN Sticky to one member and the problem is resolved.
C.
This can be solved when using clusters; they have to use single firewalls.
D.
This is surely a problem in the ISPs network and not related to the VPN configuration.
Explanation: