- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
failover
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
failover
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
07-20-2017 10:12 AM
Is there anything such as a particle failover with a palo alto firewall? Can it start to failover and suddenly fail back and block some traffic
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
07-20-2017 01:08 PM
Initial guess would be that you should check the config audit and see if for some reason it didn't somehow jump back to an old config from when that was a valid route. Other than that I can't really think of why it would be using that IP if it was removed several months ago.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
07-21-2017 01:45 AM
PA will send traffic based on its own routing table or VRs. Was it static route pointing to that router IP or dynamically learned one?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
07-21-2017 05:58 AM
I would be able to search for it with the global search wouldn't I. The other issue is that this wasn't a problem until we last power, the heart beat connection failed and we went into a split brain condition. We did check before restarting the secondary, that the primary was listed as active and the secondary was list as passive. I checked the traffic monitor, system logs and did verify that it was only passing traffic on the secondary during the loss of heartbeat connection and then it was only passing on the primary. It was also only one of our zones not all. Very curious situation.
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
