Hi all,
We have two SG125W in active/passive HA with 2 ISP, installed on a remote office, and connected to our distant office by IPsec VPN.
Following an ISP change, we changed the IPSec VPN settings to update it. Then the tunnel stopped, nothing more normal. But… the firewall has since refused to display the webmin which can not be reached in the LAN at his usual IPv4 address. Internet works, the WiFi also but the VPN tunnel is stopped and our team was blocked.
We have tried many solutions, without success, whereas the SSH mode was disabled on the device :
- try to understand if one of the Firewalls had a material issue ; all diodes had normal status
- restore the last backup on a USB stick (in Fat32 mode) on one or the other of the two USB ports and rename backup file by “restore.abf” : impossible to know if the action is successful
- reset the firewalls on physical button : no result !
- connect a keyboard and a screen and authenticate to the Admin account. The only way to go on was to reset loginuser and admin password in GRUB, connect to the firewall in command line, and reset it ! And after, reconfigure from scratch the firewall.
In summary, it seems to be a default in active/passive HA mode ! The firewalls refuse to be joined. We need now to test if the HA mode can be used again.
But, in active/passive mode, how can we be sure that the second firewall is not the origin of this blocking issue ?
Thanks,
This thread was automatically locked due to age.
