I have some issues with building and putting some VSs into production.
We are moving physical existing firewalls to VSX.
All config is the same and the policy used on the existing firewalls is being pushed to the VS (with the relevant parts of the rulebase changed).
I have this intermittent issue I can't get my head around - I have followed every SK on this I can find too.
Once the VS is live and policy is pushed to the firewalls, no logs are being received.
The internal network is a 10.0.0.0/8 and there is a route for this.
The mgmt server and log server are on an IP address within 10.66.xx.xx
From the firewall, I can ping and traceroute to a jump server with the IP of 10.66.something.something.
In fact I can get to everywhere within the 10.0.0.0 range APART from the mgmt and log server.
tcpdumps from the wrp interface (that leads to a vswitch) show traffic to the mgmt and log server originating on the 192.168.200.0 range (I changed it from 192.168.196.0) - this is the internal VSX comms network.
Why isn't the NAT being applied properly, and why is the src address not the cluster's?
I have looked at every SK and none of the symptoms match this issue.
I am looking to see if anyone has any obvious pointers.
One thing that makes me uncomfortable is that these are R80.40 VSX gateways managed by R80.20 mgmt server.
I don't know if this could cause any issues; there seem to be none reported, but it makes me uncomfortable, and it is something I am looking to get the customer to upgrade ASAP before attempting the change again. But I'd be doing this out of running out of options for what this issue is.
Without any logs, we can't get any of the other bits of traffic flows to work as we have no visibility.
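A small check, added here and not part of the original post, that scans tcpdump output from the wrp interface for packets to the management/log server whose source is still inside the VSX internal comms range rather than the cluster address (i.e. the hide NAT did not happen). The sample lines, the 192.168.200.0/24 comms net and the 10.66.1.10/.11 server addresses are constructed placeholders; ports 257 (FW1_log) and 18191 (CPD) are the standard Check Point logging and SIC ports.

```python
import ipaddress
import re

# Constructed sample tcpdump lines (not captured from the original poster's
# environment). 192.168.200.0/24 stands for the VSX internal comms network,
# 10.66.1.10 / 10.66.1.11 stand in for the management and log servers.
SAMPLE_TCPDUMP = """\
12:00:01.000001 IP 192.168.200.5.41234 > 10.66.1.10.18191: Flags [S], seq 1, length 0
12:00:01.000002 IP 192.168.200.5.41235 > 10.66.1.11.257: Flags [S], seq 2, length 0
12:00:01.000003 IP 10.66.0.1.41236 > 10.66.5.5.22: Flags [S], seq 3, length 0
12:00:01.000004 IP 10.66.0.1.41237 > 10.66.1.11.257: Flags [S], seq 4, length 0
"""

# Matches the "IP src.sport > dst.dport:" part of a tcpdump -n line.
LINE_RE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):"
)


def find_unnatted(tcpdump_text, comms_net, mgmt_hosts):
    """Return (src, dst, dport) for every packet addressed to a management
    host whose source is still inside the internal comms network, which is
    the symptom described above: the VS should have hidden it behind the
    cluster address before it left towards the vswitch."""
    comms = ipaddress.ip_network(comms_net)
    targets = {ipaddress.ip_address(h) for h in mgmt_hosts}
    hits = []
    for line in tcpdump_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a TCP/UDP line we can classify
        src, _sport, dst, dport = m.groups()
        src_ip = ipaddress.ip_address(src)
        dst_ip = ipaddress.ip_address(dst)
        if dst_ip in targets and src_ip in comms:
            hits.append((src, dst, int(dport)))
    return hits


if __name__ == "__main__":
    for src, dst, dport in find_unnatted(
        SAMPLE_TCPDUMP, "192.168.200.0/24", ["10.66.1.10", "10.66.1.11"]
    ):
        print(f"un-NATed: {src} -> {dst}:{dport}")
```

Feed it `tcpdump -nni <wrp-if> host <mgmt-ip> or host <log-ip>` output; any hit means the packet left the VS with the comms-network source, so the NAT/routing on the VS side is the place to look rather than the management server.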