Hello,
I have two XG firewall clusters, both are running Active/Passive HA and both have LAG connectivity to our core switch stack. Something like this:
XG210 Cluster (LAG_To_Core) -> Core Switch Stack <- (LAG_To_Core) XG230 Cluster
At the moment I can't get the XG210 and XG230 clusters to ping each other; however, each firewall can ping each switch, including the VLAN virtual IP, and the switches can ping each firewall LAG IP.
I only have two firewall rules on each cluster (I am still in the early stages of the initial configuration):
XG210:
XG230:
The Interconnect zone on each firewall is configured the same:
The LAGs are configured on the same subnet:
XG210:
XG230:
The switches are configured with a VLAN just for the Interconnect traffic and each switch has the same virtual IP to allow for Virtual Router Redundancy Protocol (VRRP):
Switch 1:
Switch 2:
I have tested pinging the firewall interfaces from a different subnet and this is successful, so I am confident that the switch config is correct.
I have had a look at the firewall logs and I can't see any packets being dropped at all so I am at a bit of a loss as to why the two firewalls can't ping each other.
Any help would be greatly appreciated.
Tim