Hello All,
We have a Cisco FTD pair configured with HA. Recently we updated the FTD to version 7.0.5, and with this we also upgraded snort-2 to snort-3 (as per recommendation). Both requirements were completed properly. But...
After that, a strange behavior has been observed.
- When the Actual Secondary becomes ACTIVE, traffic is working.
- When we fail over and the Actual Active unit becomes ACTIVE, all traffic stops, resulting in a massive outage.
ARPs are being learned fine on the problematic FTD (Actual Active). While troubleshooting we came to know that the FTD is not seeing the SYN-ACK packet. However, traffic is restored and works fine when we make the Actual Secondary the Active unit.
If anyone has experienced this problem and has a solution, please advise.
Rgds
***