Failover Behaviors

Cyber Elite

Anything i should check from config wise?

OR i can open the tac case

Cyber Elite


I'd be interested in seeing what your ha_agent.log actually reports when you see this issue pop up to see exactly what the agent is seeing. I haven't seen any keepalive bugs with 8.1.9, and we don't have any addressed issues with 8.1.10 or 8.1.11 that appear to address anything related to this issue. 

Cyber Elite

Hi BPry,


Seems i was testing the HA1 by disabling the encryption on one firewall and leaving enabled on another.

It is not supposed to work like this similar to routing protocols like ospf neighbourship when we enable authentication on one router and 

do  not enable on another.


Many thanks for pointing me in right direction.


L1 Bithead

Hi All,

There was a 15 min downtime when customer working on replacing the Passive device in a A/P pair with RMA device.

Soon they connected HA1 (Aux1) cable only to New RMA device (no interfaces connected bcz link monitoring was enabled), there was split brain scenario for few mins where peer firewall running active became passive and dropped traffic. Customer suspended the new RMA device and both firewalls recovered from split brain scenario and the traffic was passing through expected firewall (Active Firewall).

My question: With preemption disabled if split brain scenario occurs in A/P pair, after recovery from split brain which firewall owns the active state?? ( my answer is firewall that has lowest priority will have the Active role after recovery even the network interfaces are not connected and link monitoring also enabled on these interfaces ).

Thanks in advance.


Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!