01-25-2024 07:48 AM
Dear Gurus,
I've the following setup in a production environment :
I understood the following regarding this setup from PAN documentation: Setting Session Owner and Session Setup to Primary Device causes the active-primary firewall to perform all traffic processing. Only the firewall that is the session owner creates a traffic log.
However, I have dissimilar logs on both - whereas I was expecting only on fw01 as the active-primary to treat and log all traffic (fw02 to forward packets to fw01 for treatment), leading me to believe that in fact these are acting in a active-active + first-packet setup, rather than in a active-active + primary-device setup.
The active-active setup is required for fastest fail-over with least risk to loosing sessions (high speed transactions network).
What I am missing in the understanding of this setup please?
Thanks in advance !
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
