Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 19 replies
  • Subscribers 3 subscribers
  • Views 6713 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HA active/active, firewall rules stop working 8.202

beheerder1
We have some problems lately, some of our firewall rules stop working during the day, after a reboot of one of the astaro's or sometimes after like 4 hours they are suddenly working again.

Another question, what you see on the attachment (HA configured active-passive) both asg320 shows active. Is that correct?


I updated last week to 8.202, then above problem occurred, can i simple restore back to 8.103? (from automatic backup)


This thread was automatically locked due to age.
Parents
  • 0
    Beheerder, what happens if you set 'Interface: >' in the definitions used in the firewall rule that stops working?  Or, did Ulrich look at your configuration and see that you had two interfaces connected to the same physical network?

    Thanks, Ulrich.  I appreciate that explanation, and I understand a little better what's happening.  Nonetheless, for just about everyone outside of your group, certainly for those untutored in iptables internals, binding to an interface can lead to what they will perceive as unanticipated problems.  

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Beheerder, what happens if you set 'Interface: >' in the definitions used in the firewall rule that stops working?  Or, did Ulrich look at your configuration and see that you had two interfaces connected to the same physical network?

    Thanks, Ulrich.  I appreciate that explanation, and I understand a little better what's happening.  Nonetheless, for just about everyone outside of your group, certainly for those untutored in iptables internals, binding to an interface can lead to what they will perceive as unanticipated problems.  

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML