Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 42 subscribers
  • Views 18240 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update from 19.5.3 to 20.0 broke HA

Ingo Buyny

Hello,

Two XGS3300 in an working Active/Passive Cluster, not working after the update to 20.0.

I deleted the Cluster and tried to re-establish it but it fails all the time.

I tried several times with Quick HA or Interactive Mode.

Tried with VLAN Ports or unbound Ports.

Both dedicated HA Ports are pingable from each other and SSH/Ping is allowed for DMZ Zone.

Both Firewalls are removed from Sophos Central.

After trying to restore the cluster a few times, both firewalls suddenly went into fail-safe mode and I had to restore my primary firewall from a backup.

The Auxillary was factory-resetted an i reconfigured the network ports to match them with the primary.

But i still get "HA could not be established" all the time and i'm running out of ideas. 



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to LuCar Toni

    That was it, thank you very much!

    Was trying to resolve the issue with Sophos Support but the technician had no idea either, so he just wanted to dig into the logfiles.

    I always tried to establish with unbound interfaces or with vlans on unbound interfaces.

    After setting an ip to my dedicated interface and set the DMZ Zone the HA established in no time without any error.

Unfiltered HTML