High Avaibility problem A\P
cancel
Showing results for 
Search instead for 
Did you mean: 

High Avaibility problem A\P

L4 Transporter

There are two PA-500 firewalls in High Availability state A\P

After failover process the passive device become active but didnt pass the traffic.One possible reason which i suppose to be is the Gratious Arp packets are not send to the port of switch  (cisco 3850) which is connected to passive device

because when we type show mac-address interface <<number>> there are no virtual mac address

 

are there any other possible suggestions?

3 REPLIES 3

L4 Transporter

Did you happen to capture the GradARP packets on the passive device as it became active?

 

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Capture-ARP-Packets-on-an-Interface/...

 

 

 

 

L7 Applicator

@Radmin_85 

if you force the Grat ARP, does it show up on your switch?

 

> test arp gratuitous interface

  ethernet1/1   ethernet1/1

  ethernet1/2   ethernet1/2

  ethernet1/3   ethernet1/3

Tom Piens
Like my answer? check out my book! https://bit.ly/MasteringPAN

I have found the problem.problem was in switch port
So i have now other question.is it any best way to check redundancy between two Qsfp links in PA 7050 devices?just unplug one ofnthem or how?
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!