Do you have any large files in any of your /home directories? The firewall could be timing-out waiting for a large config bundle to be either created on the one firewall or transferred over to the other firewall.
I have checked but nothing seem to be big as both is actually newly installed.
I tried to ping interface from both side and both can be reached.
Do you need DNS , or any special setting for this ?
You also have to check you interfaces (and zones) configuration
need to have the same names, properties and created in the same order (important)
you can have more info, when you register you sidewinder, in SSH : showaudit -k
I have checked with region command to check on no. of interfaces , zones , orders name are matched.
HOwever, it still gave me that error .
I tried to use show audit but seem make no sense to me.
Do you have any other suggestion?
You can opened a case to McAfee support.
That's the best solution for you
actually i got the same error when i try to add a new installed S2008 to a existing 410F as a peer.
Both run on Version 70102.
Does anybody know a solution?
is it possible to build a cluster with a S2008 and a 410F?
As long as the two devices have the same number of physical interfaces, the same burb ordering and the same software release they should cluster together.
However, I believe that the official documentation states that the appliances must be of the same variety. So if you were able to cluster together two models which where not the same and you then needed to raise a support ticket with McAfee I don't think you will get very far with them.
You may be able to build a primary/standby or peer-to-peer HA pair with two different devices. An Active/Active (LSHA) pair will not work. One problem may be that 410Fs and S2008s have different interface naming conventions (em NICs on the F model, 1-0 type NICs on the 2008). That may not work with two different models and HA. You will have to try it out.