For details on cookie usage on our site, read our Privacy Policy
ACTICE/PASSIVE CONFIG SYNC PROBLEM( Running cofiguration not synchronize)
- LIVEcommunity
- Discussions
- General Topics
- ACTICE/PASSIVE CONFIG SYNC PROBLEM( Running cofiguration not synchronize)
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
ACTICE/PASSIVE CONFIG SYNC PROBLEM( Running cofiguration not synchronize)
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-05-2020 05:36 AM
Hello All,
The firewalls are configured in high availability (A/P) but the running configuration is not synchronized.
I have already tried to restarting management server of both firewall as well I tried to sync manually but getting below error:-
After that, I have tried to sync from CLI mode by this command:- request high-availability sync-to-remote running-config
is showing failed to synchronize running-config.
Can anyone help me?
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-05-2020 11:31 AM
On the Active PA click on syn to peer
Also before that install all the dynamic updates on both active and passive firewall
Help the community: Like helpful comments and mark solutions.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-05-2020 11:40 AM
@MP18 I have tried already but same issue persist.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-05-2020 11:50 AM
Try this on PAssive PA
request high-availability sync-to-remote running-config
Help the community: Like helpful comments and mark solutions.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-05-2020 11:53 AM
@MP18 I have tried this command to both firewall but same issue was happening.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-05-2020 12:00 PM
On active PA any change done?
if you revert back to previous config on active PA does it work?
Paste the output of
less mp-log ha_agent.log
Help the community: Like helpful comments and mark solutions.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-05-2020 12:04 PM
Also For successful HA configuration, the below must match between the two firewalls.
Version Compatibility: Software Version: Match Application Content Compatibility: Match Anti-Virus Compatibility: Match Threat Content Compatibility: Match VPN Client Software Compatibility: Match Global Protect Client Software Compatibility: Match
Help the community: Like helpful comments and mark solutions.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-06-2020 04:50 AM
@ It is necessary to import all certificates from active firewall to passive firewall?
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
- Deselect by default the objects to be synchronized between tentants in Cortex XSOAR Discussions
- Time Synchronization for Azure VM Series? in VM-Series in the Public Cloud
- Text Widget update issue in Cortex XSOAR Discussions
- NetFlow not Working with Qradar in General Topics
- PAN-OS HA Clustering and Integrated management and logging in Next-Generation Firewall Discussions
