Saucepan

User Tools

Site Tools

Trace: high_availability security_profiles
paloaltonetworks:configuration:high_availability

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
paloaltonetworks:configuration:high_availability [2020/08/31 06:30] – external edit 127.0.0.1paloaltonetworks:configuration:high_availability [2022/11/23 12:49] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====== High Availability ====== ====== High Availability ======
 +===== Latency =====
 +Recomended but not enforced. Ensure <= 20ms latency between HA members.
 ===== HA2 Link ===== ===== HA2 Link =====
 If HA2 Backup has been configured but isn't showing on the dashboard widget on one or both of the firewalls in the HA pair, reboot the firewall(s) and it should appear on reboot. If HA2 Backup has been configured but isn't showing on the dashboard widget on one or both of the firewalls in the HA pair, reboot the firewall(s) and it should appear on reboot.
 +
 +If you are active/passive HA with the HA2 link going throught switches, you must use "IP" as the transport type. When using "ethernet" as the transport, once the initial handshake is complete between the active and passive, the passive Palo stops transmitting on HA2. Once that MAC ages out of the switches, then that HA traffic gets flooded every trunk that VLAN is enabled on.
  
 ===== Group ID ===== ===== Group ID =====
paloaltonetworks/configuration/high_availability.1598855443.txt.gz · Last modified: (external edit)