Running config not synchronized problem

Reply
L4 Transporter

Running config not synchronized problem

Hey all!

there are two pa 3020 with 8.0.7 in HA active passive.

Three days ago, I switched the passive fw to active.

Yesterday I switched back. I stated that the running config isn't synchronized, but I switched nevertheless.

So I think I should "sync to peer" in the HA dashboard. But from which firewall to which firewall?

Highlighted
Community Manager

Re: Running config not synchronized problem

you will need to verify the configuration between the firewalls and decide which one is the one you need to keep:

 

config audit peer.png


Help the community: Like helpful comments and mark solutions
Reaper out
L4 Transporter

Re: Running config not synchronized problem

@reaperWhen I compare the two configs as your screenshot shows, it shows me a lot of local settings that differ, for example:

 

hostname, management ip address, peer-ip, ha ip addresses.

 

I mean, that's okay since that are two physical firewalls.

 

But what happens when I sync the config?

L4 Transporter

Re: Running config not synchronized problem

Hi @MPI-AE ,

 

Configuration audit is performing diff on the full configuration. That is why you will see some yellow lines that hostname, management IP etc are different between members. 

 

If you check the documentation here you can see that none of these configurations will sync - What Settings Don’t Sync in Active/Passive HA?

 

So you may want to focus on the rest of the output from the config audit - on the configuration that is synchronized between member and will sync if you run "sync to peer"

L4 Transporter

Re: Running config not synchronized problem

Thank you, that makes it clear!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!