06-11-2020 07:12 AM
HA1 is showing down, but HA1 Backup and HA2 are showing up. FWs recently configured by contractor who has left. Configuration appears correct. Any suggestions?
06-17-2020 01:48 PM
From what I can see (online not onsite) is one HA is ethernet1/7 and the other HA is ethernet1/8, both up.
06-17-2020 03:17 PM
On Device-High Availability, what interfaces are shown for each backup link?
06-18-2020 05:07 AM
Backup Peer HA1 IP address is .30
Control Link (HA1Backup) is .29
07-01-2020 06:00 PM
So I changed around the configuration to what I thought it should be vs. what the contractor put in and I was able to get the HA1 interface up but the HA1 backup is down.
1 - He set Management as the HA1 Control Link and I set it to the HA1 ethernet interface IP.
2 - He set the Peer HA1 IP as the Peer's Management IP and I set it to the Peer's HA1 ethernet interface.
3 - He set the Backup Peer HA1 IP as the Peer's HA1 ethernet interface IP and I set it to the Peer's HA2 ethernet interface, which showed down after I changed it.
3 - He set the Control Link HA1 Backup as the HA1 ethernet interface IP and I set it to None.
4 - We both set the HA2 Datalink to the HA2 ethernet interface IP, which has always shown up.
5 - We both set the HA2 Datalink Backup to None.
I know the PA-850s HA setup must be configured differently than the PA-200s HA setup, but I cannot find a config guide specific to the PA-850s.
07-10-2020 01:02 PM
Since you have Control Link HA1 Backup set to none, the Backup Peer HA1 IP Address should be blank. No need for an IP address if it's unused. If you remove the Backup Peer HA1 IP Address, then the HA widget should remove the HA1 Backup option.
If you want to use the HA1 Backup, you can use the management interfaces of each firewall. Set the port configuration to management and the Backup Peer HA1 IP Address to the peer management IPs. Or you could use data plane interfaces set to the HA type.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!