Sophos UTM High Availability not working

Hello,

I've been trying for some days to get Sophos HA to work in active/passive. I'm running 2 virtual machines on VMware ESX and they both have the same hardware configured. Everything connects and syncs right.

The problem I'm having is that whenever both nodes are online, some addresses in my network become unreachable. Below is an example of the addresses that wouldn't be reachable.

For example, I'm trying to reach 10.10.2.3 from 10.10.1.217. This works fine. Now when I ping 10.10.2.2 from 10.10.1.217, it doesn't work. When I use either of the Sophos UTM VMs without HA, everything works fine. When I use both nodes in HA, some network addresses can't be reached. Does someone have any idea how this could be solved?



  • Is the ESX host connected to multiple switches or has multiple NICs connected to the same switch? Perhaps a MAC flap ...
  • I think Michael hit on the problem, Tim. About two years ago, MrGoodBytes gave the following prescription for two VMs running on the same host:

    How to resolve issues with Virtual UTMs configured for High Availability:
    1. Log in to the UTM console as root.
    2. Enter the following command to determine if HA virtual_mac is enabled:
    cc get ha advanced virtual_mac
    3. If the output is 1, you can disable it by entering the following:
    cc set ha advanced virtual_mac 0
    4. Restart all virtual UTMs.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • The virtual UTMs are running on 2 different hosts. I will try your solution tomorrow and I hope it solves my problem.