there is high-available Paloalto fw PAN-OS 9.0.3-h3 connected to the same switch witch aggregate ethernet interface. interface VLANs created and on the firewall with ip address 10.1.1.1/24 to work as GW for some servers and other interface VLAN as GW for users with ip address 10.1.2.1/24. all thing was working fine and a change was required to make GW on a router that required to change the ip address of the interface vlans after changing the ip address to 10.1.1.88/24 and commit the change is rollbacked and I changed the IP address again to be 10.1.1.1/24.
when checking reachability between servers and FW (ping) it failed for troubleshooting interface vlan created on the switch when ping from fw using source interface 10.1.1.1 to this interface vlan it passed and ping from switch interface vlan to servers it also passed. but from fw to server failed which caused issue between servers and users vlan. when switchover done to passive fw all is working fine.
Yes please explain bit more. Also best to start checking all the configs again there must be something you have overlooked or missed.
I am sure mgmt profile is attached to the interface and ping is allowed. you can also try traceroute from the problem server and see where it stops.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!