Problem and solution when an intranet PC cannot access the server after active/standby server switchover


This case applies only to V100R001.
A firewall is deployed between an intranet PC and two servers. The two servers work in active/standby mode. A floating IP address residing on the same network segment as the firewall is used to correspond to two physical MAC addresses to implement the active/standby mechanism. In this scenario, ARP spoofing attack defense cannot be configured on the firewall. Otherwise, services will be interrupted after active/standby switchover. You need to run the undo firewall defend arp-spoofing enable command to disable ARP spoofing attack defense.
For details, see when the server switch over the vitual IP to the slave one, it can’t ping.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top