Thanux89
Participant

MDPS Separation breaks existing management communication

Hi Team,

I have enabled MDPS separation following the sk138672 article in my lab setup before deploying it in production.

Before enabling MDPS separation, I had a standard ClusterXL setup with a default route pointed towards the management gateway and BGP routes towards the VLAN interfaces.

Below is the script I followed.

clish

set mdps interface Mgmt management on
set mdps interface Sync sync on
set mdps mgmt plane on
set mdps mgmt resource on
save config

set mdps environment mplane
set static-route default nexthop gateway address x.x.x.x on
save config
reboot

 

I changed the 26000 devices, and it took a very long time for the firewalls to come up after the reboot.

Once the firewalls appeared, I disabled the management route from the "dplane" and left only the default route via mgmt.

After this separation, I lost access to the firewalls via management, and BGP communication on the "dplane" went entirely down.

Also, there is a loss of communication with the management server, and I am unable to retrieve or push any firewall policy via the management server.

I have tried resetting the SIC, but the communication is completely broken.

Has anyone had the same experience and overcome the situation?

 

Thanks

T

 

 
