HA A/P on AZURE IP floating

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

HA A/P on AZURE IP floating

L0 Member

Hello,

i configured HA actif / passif on azure when the failovor occurs the floating IP still on the First Firewall, she not move for the seconf that he becomes Actif.

- all permiissions are gived 

-configuration is a same to the Knowledge base

-test plugin is passed

 

in logs i see that and i dont know what that's mean : 

 

2022-06-29 17:41:54.307 +0200 vm_ha_state_trans INFO: : Sending detach command for NIC : None
2022-06-29 17:41:54.337 +0200 vm_ha_state_trans INFO: : Instance running in region '-----europe'
2022-06-29 17:41:54.338 +0200 vm_ha_state_trans INFO: : URL for put request: https://management.azure.com/None?api-version=2019-11-01
2022-06-29 17:41:54.455 +0200 vm_ha_state_trans INFO: : Put Request Failed: 404

 

thank you all fou your help

4 REPLIES 4

L0 Member

You can double check do u have below permission first on the Azure Service Principal

 

Microsoft.Authorization/*/read

Microsoft.Compute/virtualMachines/read

Microsoft.Network/networkInterfaces/*

Microsoft.Network/networkSecurityGroups/*

Microsoft.Network/virtualNetworks/join/action

Microsoft.Network/virtualNetworks/subnets/join/action

Microsoft.Network/publicIPAddresses/join/action

Microsoft.Network/publicIPAddresses/read

Microsoft.Network/publicIPAddresses/write

Microsoft.Network/routeTables/*

Hello Thomas,

 

thanks for your reply

 

i confirm that, i remark that he dont send detach command in the logs and i dont know why?

 

2022-06-29 17:41:54.307 +0200 vm_ha_state_trans INFO: : Sending detach command for NIC : None

 

and he get error 404 when he try to put the URL

 

2022-06-29 17:41:54.338 +0200 vm_ha_state_trans INFO: : URL for put request: https://management.azure.com/None?api-version=2019-11-01

 

2022-06-29 17:41:54.455 +0200 vm_ha_state_trans INFO: : Put Request Failed: 404

 

and i dont know where he brings this link, if you have an idea, may be its by default used by the version of the plugin

 

thank you

L1 Bithead

We are seeing the same issue and there is no clue on why would the Firewall make call to NIC: None.  Did you happen to find a solution for this issue?

Sathya Kumar Anand

L1 Bithead

Floating IP attach/detachment issues in Azure HA environment af... - Knowledge Base - Palo Alto Netw... ..  this helped, it was the sequence.  Had to turn off one firewall, then rebooted the one that has Secondary-IP Created to solve the error. 

Sathya Kumar Anand
  • 3335 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!