06-26-2022 07:01 PM
Hello all,
Last Sunday (6/26) at 5:37:27 PM, a failover occurred due to an Ethernet 1/22 interface down on the customer's Active Firewall.
I have looked around the log to analyze the cause, but the CPU was not high and I couldn't find the cause.
The figure below is ha-agent and route log. Do you know why such an error occurs?
<routed.log>
<ha-agent.log>
<routed.log>
The bug below can cause this problem?
PAN-179274 - Fixed an issue on high availability configurations where, after upgrading to PAN-OS 9.1.10, PAN-OS 10.0.6, or PAN-OS 10.1.0, the high availability (HA1) and HA1-Backup link stayed down. This issue occurred when the peer firewall IP address was in a different subnet.
#HA failover
Best Regards,
06-29-2022 09:41 PM
Hi @JoHyeonJae ,
I would look into why eth1/22 went down. Try running the following commands:
- show interface ethernet 1/22 and check for errors
- less mp-log brdagent.log to provide more details regarding port issues
Also, can you clarify the exact issue you are having please? Are you saying after finding out eth1/22 went down failover to the passive did not succeed?
07-18-2022 06:07 PM
@JayGolf
Are you saying after finding out eth1/22 went down failover to the passive did not succeed?
Yes, that is right.
During the search, we did not find any failure (DP, slot, kernel, or OS) from the firewall side. It looks more like a cable issue or local network topology/network connection issue.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
