Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 2530 views
  • Users 0 members are here
Options
Suggested

HA Configuration Correct port must be monitored LAN port 1

DevK

Whenever my LAN port switch restart my both the HA firewall restart why it  happen 



Added TAGs
[edited by: emmosophos at 10:02 PM (GMT -7) on 5 Apr 2024]
Parents
  • 0

    Hi Dev,

    You can find the HA log files in the /log directory through the advanced shell. To access log files through SSH, do as follows:

    1. Log in to the CLI console of the primary device using administrator credentials.
    2. Select option 5. Device Management.
    3. Select option 3. Advanced Shell.
    4. Type: cd /log
    5. Press Enter.
    6. To show the list of logs, type: ls
    7. To view a log, type: cat LOGFILENAME

    The below table describes the four relevant log files for HA.

    Log file Description
    msync.log HA synchronization service.
    ctsyncd.log Conntrack synchronization service.
    applog.log HA configuration and status updates.
    csc.log Central service, which manages all services.

    Regards

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • +1 in reply to Bharat J

    I initially understood the problem differently too...
    But:
    If a monitored interface goes “down”, the firewall goes into “FAILED” status and stops processing traffic.
    Unfortunately, this also happens at the same time with the slave if both (master and slave) have a "monitored link down".
    ...unlike the SG firewall which keeps the last "working" node active


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    So, i was looking into this, as i did not remember this issue.

    My cluster did the same approach to this behavior like UTM did. 
    I brought both monitoring ports down (at the same time) on both appliances.

    No reboot of Node1 and no Reboot of Node2. 
    Node2 went into "Faulty". Node1 went into "Standalone". Traffic still processed by Node1 and no interruption in the network. 

    As soon as i brought both links up: Reboot of Node2. Node1 stays online as Standalone. No interruption in the network. 
    Node2 will get back to the cluster after the reboot and everything is working. 

    So i am not seeing any kind of "issue here". 

    Just to make sure, i did another test: I killed the Port1 (monitoring port) of AUX first. It will go into Faulty (no reboot). Then i waited some seconds and also brought Port1 down on the primary. Still the primary remains the standalone and waits. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    I am confused now ... i have checked the same thing but my firewall is restarting... whenever i turned of my lan port switch 

Reply Children
Unfiltered HTML