https://community.checkpoint.com/t5/Firewall-and-Security-Management/Policy-issue-after-HA-event/m-p/211563#M40114 <P>I'm not aware of that issue specifically, but that is a very old JHF take. I would suggest updating it to the current recommended release and testing again, and if the issue still occurs then we'll need TAC to investigate.</P> Wed, 17 Apr 2024 09:23:06 GMT emmap 2024-04-17T09:23:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Policy-issue-after-HA-event/m-p/211531#M40101 <P>Hi guys, strange issue that we have now seen twice on two different clusters. After an HA failover, the standby firewall picked up and was allowing traffic, but then when it failed back (we have revert to higher priority set) the gateway then dropped the traffic against the clean-up rule. It wasn't first packet isn't syn or anything like that, it was new connections (we had testers trying) and the drop reason was hitting the drop all rule in last position the policy. The fix was to install policy and it started working immediately again.</P> <P>The rules that were impacted were simple IP to IP rules. Anyone seen this before?</P> <P>Gateways are R81.10 T45</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 17 Apr 2024 01:55:53 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Policy-issue-after-HA-event/m-p/211531#M40101 Ryan_Ryan 2024-04-17T01:55:53Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Policy-issue-after-HA-event/m-p/211563#M40114 <P>I'm not aware of that issue specifically, but that is a very old JHF take. I would suggest updating it to the current recommended release and testing again, and if the issue still occurs then we'll need TAC to investigate.</P> Wed, 17 Apr 2024 09:23:06 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Policy-issue-after-HA-event/m-p/211563#M40114 emmap 2024-04-17T09:23:06Z