Failover Issue between two firewalls

Created: Mar 14, 2016 13:14:13Latest reply: Mar 18, 2016 10:15:08 1074 1 0 0
  • Huawei interfaces are configured to work as a bridge interfaces while bridging vlan 100.
  • vlan interface is configured on Huawei for vlan 100.
  • vrrp configured for vlan interface 100, higher priority set on Huawei_1.


Huawei_1 and Huawei_2 are directly connected to two Juniper SRX cluster SRX_1 and SRX_2 respectively.
Once reth3(RG2) active interface is on SRX_1, traffic flows without any issue. (reth= redundant ethernet, traffic allows to flow in one interface only, once it is failed other interface countinue the flow of traffic)

From 10.1.1.155, To 10.1.1.156,157,158 and vice versa works as expected.

Once Fail-over is done for the RG2, traffic should flows SRX_2 to VRRP Master via Huawei_2. But this setup is not working.

To isolate the issue we did some tests,

Test_1 (reth3(RG2) active interface is on SRX_1)

We swapped the cables between Huawei_1 and Huawei_2. This started working again. From 10.1.1.155, To 10.1.1.156,157,158 and vice versa started to working again. Packets destined to 10.1.1.158 goes via Huawei_2.

Test_2 (L3 interfaces created on SRX_2 to Huawei_2)

This test was done based on Non-working setup. We removed the SRX_1 to Huawei_1 and created L3 interface from SRX_2 to Huawei_2. But again this was not successful.

We need to isolate this issue, By ***ysing above two tests can we conclude this is an issue in Huawei side? From our side we see that traffic flows only when SRX_1 interfaces are active.






  • x
  • convention:

user_2790689     Created Mar 18, 2016 10:15:08 Helpful(0) Helpful(0)

waiting for expert to solve this problem.
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Fast reply Scroll to top