Omar Dedovic

SecureXL is messed up in AWS when R77.30 JHFA is installed

Discussion created by Omar Dedovic on Feb 16, 2018
Latest reply on Mar 5, 2018 by Omar Dedovic

Good day,

 

Heads up for all of you that are installing new vSEC instances in AWS with Jumbo take 216, 282 or 292

This is only true for the new AMI R77.30-041.168. Previous version of the AMI works fine with JHFA.

 

JHFA will install "just fine", but you will notice that traffic is not passing the gateway. 

fwaccel off and traffic starts flowing again

Another thing that will show the issue is that running fwaccel stats -s command will only provide 1 single row output for Accelerated packets (instead of normally 4-5 rows or whatever it is).

 

I have a case with TAC and R&D have identified the issue (race condition of some sort) and are currenly working on specific hotfix for us for specific JHFA take.

According to TAC there is only one other reported íssue about this. So probably it won't find its way as permanent fix in coming JHFA. I have a hard time beleiving this since issue is so easy to reproduce with clean install, but thats the info I have.

 

Anyway, point of the post was that it might save time for someone.

Outcomes