Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
This widget could not be displayed.
1 Solution

Accepted Solutions
This widget could not be displayed.
4 Replies
Jump to solution

R80.10 CloudGuard IaaS High Availability for Microsoft Azure

Jump to solution

R80.10 CloudGuard IaaS High Availability for Microsoft Azure

Jump to solution

R80.10 CloudGuard IaaS High Availability for Microsoft Azure

Martin_Valenta
Advisor
Martin_Valenta
Advisor
Martin_Valenta
Advisor

That sounds like more a routing issue only..

That sounds like more a routing issue only..

That sounds like more a routing issue only..

0 Kudos
0 Kudos
0 Kudos
Ave_Joe
Contributor
Ave_Joe
Contributor
Ave_Joe
Contributor

It was not a routing issue and the cause has finally been sorted.

After validating everything in the document and the setup in Azure the issue was discovered to be Anti-Spoofing.

The documentation states that Anti-Spoofing should be disabled on the frontend cluster interfaces (eth0).    It does not however mention anything about disabling Anti-Spoofing on the backend cluster interfaces (eth1).

After going through the document again this morning I set a log filter for a source of the backend-lb, 168.63.129.16.Screen Shot 2019-03-14 at 10.35.33 AM.png

After a couple of iterations while working with support we finally came to the conclusion that Anti-Spoofing needed to be disabled on cluster internal interfaces also.

Policy was pushed after disabling Anti-Spoofing and everything started working as expected.

The documentation needs to be updated to also include disabling Anti-Spoofing on eth1.

It was not a routing issue and the cause has finally been sorted.

After validating everything in the document and the setup in Azure the issue was discovered to be Anti-Spoofing.

The documentation states that Anti-Spoofing should be disabled on the frontend cluster interfaces (eth0).    It does not however mention anything about disabling Anti-Spoofing on the backend cluster interfaces (eth1).

After going through the document again this morning I set a log filter for a source of the backend-lb, 168.63.129.16.Screen Shot 2019-03-14 at 10.35.33 AM.png

After a couple of iterations while working with support we finally came to the conclusion that Anti-Spoofing needed to be disabled on cluster internal interfaces also.

Policy was pushed after disabling Anti-Spoofing and everything started working as expected.

The documentation needs to be updated to also include disabling Anti-Spoofing on eth1.

It was not a routing issue and the cause has finally been sorted.

After validating everything in the document and the setup in Azure the issue was discovered to be Anti-Spoofing.

The documentation states that Anti-Spoofing should be disabled on the frontend cluster interfaces (eth0).    It does not however mention anything about disabling Anti-Spoofing on the backend cluster interfaces (eth1).

After going through the document again this morning I set a log filter for a source of the backend-lb, 168.63.129.16.Screen Shot 2019-03-14 at 10.35.33 AM.png

After a couple of iterations while working with support we finally came to the conclusion that Anti-Spoofing needed to be disabled on cluster internal interfaces also.

Policy was pushed after disabling Anti-Spoofing and everything started working as expected.

The documentation needs to be updated to also include disabling Anti-Spoofing on eth1.

0 Kudos
0 Kudos
0 Kudos
_Daniel_
Contributor
_Daniel_
Contributor
_Daniel_
Contributor
Hi Dameon,

The above link looks like broken
Hi Dameon,

The above link looks like broken
Hi Dameon,

The above link looks like broken
0 Kudos
0 Kudos
0 Kudos