For details on cookie usage on our site, read our Privacy Policy
datapalne issue
- LIVEcommunity
- Discussions
- General Topics
- datapalne issue
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
datapalne issue
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-04-2022 10:32 PM
I have 2 Paloalto firewalls working as ha active-passive, yesterday we had HA test so try to pass the traffic to the passive device buy suspend the active, the passive become active everything works fine till now my issue is the interface of the firewall 2 is not responding to anything ping or anything my network is down in Cisco switches showing interface up but not showing lldp Although lldp is enabled on Paloalto, now I’m rollback to firewall 1 Everything work fine, but the second firewall still its interfaces not working it’s up but not passing any traffic even when I try to connect PC directly to Interface There is no ping
even I tried to factory reset and still the same issue and upgraded the device to the latest pan-os 2.0.1
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-04-2022 11:02 PM
The passive device does not respond to anything (besides on the mgn interface). That's due to moving the IP and MAC to the active node, the passive node has no IP on the "traffic" interfaces.
If you have LLDP enabled, please verify that "Enable in HA Passive State" is ticked (Interfaces --> Ethernet --> your Interface --> Advanced --> [x] Enable LLDP -- [x] Enable in HA Passive State)
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-04-2022 11:12 PM
the LLDP is enabled on the Passive firewall kindly check the attachment for that, I try to make the passive to be active but still have the same issue, I try to factory reset the firewall and try to do basic configuration just to check the issue is related to ha or we have a hardware issue in the data plane.
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-04-2022 11:24 PM
the LLDP Is enabled on the passive firewall, I try to suspend the local device for ha in the active firewall to move the traffic to the passive but the device does not forward any traffic, and it becomes active in ha, I also try to remove it from ha and upgraded the device to the latest pan-os 2.0.1 also factory reset the device but still same
- Mark as New
- Subscribe to RSS Feed
- Permalink
06-04-2022 11:36 PM
the LLDP is enabled on the passive firewall, I try to make the passive firewall become active but still faced the same issue also remove it from ha and check the interface but no luck, any idea
- Prisma Cloud - defender Auto deploy issue in Prisma Access Discussions
- VM auto commit failed because Vsys ID must be between 1 and 0 in VM-Series in the Private Cloud
- QoS cleartext match issue in General Topics
- URL mapping or forwarding in Palo Alto Firewall via GP in GlobalProtect Discussions
- How to add additional Input in "Jira-edit-Issue" task ? in Cortex XSOAR Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
