I haven't made a ticket with Sophos yet but probably may have to unless anyone here knows any specifics on this.. Basically in my testing I found that I'm not able to use two UTM software deploys in a vmware cluster with High Availability enabled when the two VMs are on different hosts in my cluster. The vmware cluster networking is a distributed switch via cisco 1000v. It seems to work initially but I end up with a split brain issue and all networking through the firewall is impacted. Works fine if both VMs are on the same physical host, but if I move one to another host I get very strange results. The backing hardware has all the necessary layer 2 paths and latency shouldn't be an issue (hosts are all connected to same uplink switch). Wondering if the UTM's HA is just extremely sensitive or something? Any possible way to adjust the threshold before HA considers the mate to be dead?
This thread was automatically locked due to age.
