Thought this could be good knowledge to publish as this will no doubt, if not already, result in many calls to TAC.
I was working on a cluster for a customer recently - upgrading hardware and software.
Failover between the firewalls was taking 5 minutes during a simulated and unplanned outage. All the usual CXL and failover troubleshooting was done. Check Point side, it was solid. No problems with state sync.
I decided to enable vMAC which brought the whole network to life. Failover was instant with no packet loss at all.
vMAC is literally designed for reasons like this, but it looks like Meraki doesn’t ‘support’ G-ARP.
A Citrix ADC user fell into the same issue here.
I think it would be useful for Check Point to publish this in order to assist customers first hand as the issue at first glance looks like the Check Points themselves.