Failover Issue with AWS deployment

May the 4th (+4)
Roadmap Session and Use Cases for
Cloud Security, SASE, and Email Security

SASE Masters:
Deploying Harmony SASE for a 6,000-Strong Workforce
in a Single Weekend

Paradigm Shifts: Adventures Unleashed!
Capture Your Adventure for a Chance to WIN!

Mastering Compliance
Unveiling the power of Compliance Blade

WATCH NOW

CPX 2024 Content
is Here!

Harmony SaaS
The most advanced prevention
for SaaS-based threats

LEARN MORE

CheckMates Go:
CPX 2024 Recap

LISTEN NOW

Hi All

We have deployed Firewall in AWS in HA.

We have multiplease server configure in Static nat which is accessible from out side.

we deployed firewall in cluster, we add virtual IP as secondary IP in Active Firewall interface and other multiple IPs which used for Static NAT.

where my PRI IP:- 172.31.24.120, SEC IP :- 172.31.24.130 and vertual IP is :- 172.31.24.110

We add the route for all subnet in AWS through the active firewall Network Interface. (172.31.24.120 secondary IP 172.31.24.110)

Traffic is passing through the active firewall and everything is working fine.

when we failover the traffic from Active to Standby. after few minuted all secondary Ip is mapped with Standby Firewall network interface.

But route is not changed.

When we check the traceroute, traffic is goint through Active firewall interface 172.31.24.120. it should go through the Virtual IP (172.31.24.110)

Thats why our traffic is not working.

when we change the route manually and add the Standby Firewall Network Interface traffic started working.

and checked the Traceroute, it is going through the Virtual IP (172.31.24.110)

Please someone help me to resolve the issue.

10 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

User

Count

Are you a member of CheckMates?