I had a issue where the HA failed and I broke the HA and reconfigured it and that fixed the issue, but it failed again and I noticed that there is a connection to a switch on both the active firepower and another switch on the secondary firepower and only one link on the switch connected to the active is lite and the other switch connected to the secondary firepower link light is not lit. I don't have access to the switch at this time to see how it's configured. (trying to contact the person that manages the switch).
I'm thinking that since the active and secondary firepower have the interfaces configured the same and the firepower/s are seeing one of the switch/s links down it's causing the HA to go to a failed state?
Does anyone know if this could be the cause of the HA failed status?
Software version: 7.0.5-72 on both firepower devices.
On the HA active device it shows Peer as failed. On the other device (Firepower) it shows HA failed and peer as active.
Here is a updated diagram:
The port link light on the HA failed device going to the switch is not lit.
Updated the info to hopefully make a clearer explanation of the issue:
Here is what happened. The HA was in a failed status, to fix it I broke the HA and reconfigured it with the same configuration and the HA was in a good status (not failed status). The breaking of the HA caused all interfaces to be disabled (for some reason) and so I enabled all the interfaces, but I missed one, the interface going to the switch from the active device. This caused a disconnect to the switch (HA was in a good status). The interface on the active FP going to the switch was enabled and that brought up the connection to the switch, but put the HA in a failed status.
After checking I noticed that SW2 did not have a link light and I'm thinking it's disabled or being blocked by STP, but I don't have access to the switches. I’ve emailed the person's that manage the switch and I'm waiting on a reply.
