[cciesec2006]

I need help with ClusterXL question.

Single SmartCenter running SPLAT NGx R65 with HFA_02.
I have ClusterXL license on the SmartCenter. The
license on the SmartCenter is as follows:

CPMP-CXL-HA-1-NGX CPVP-CPLS-1-NGX
CPMP-SCPRO-U-NGX

Basically, I have SmartCenter Pro and ClusterXL
license installed on the SmartCenter.

I built a NGx SPLAT R65 with HFA_02 Enforcement
Module. The SPLAT Enforcement module has 3 interfaces:
External, Internal and DMZ.

I created a checkpoint gateway object in the Dashboard,
called fw, set the topology to "undefined". In other
words, I turned off antispoofing. I then created a
gateway cluster, called fw-cluster, set the ip
addresses. I checked firewall and clusterXL.
I then set clusterXL to load-sharing unicast mode.
When I pushed policy, my clusterXL works as it
should:

However, if I reboot the firewall or do "cpstop;cpstart",
the cluster will show as "down". To fix it,
I have to uncheck "clusterXL" in the gateway cluster
properties, push the policy, check "clusterXL" again,
push the policy again, then I get my clusterXL back.

Anyone run into this issue before? Please help.

This is very straight forward SPLAT installed
with "any any accept". Thanks.