12-05-2020 06:48 AM
Hello,
I ran an upgrade on my FTDs which are in HA(Active/Standby) from 6.4.0 to 6.6.1 version via FMC.. the entire procedure was completed successfully however both the members became active/active once the upgrade finished and the traffic is now fluctuating between the two firewalls.. this is causing loss of service as these are supposed to work in Active/Standby Mode.. the failover link is up and reachable from both the Firewalls and manual demotion on any member is also not working..it is giving the message " peer link is not active and switch is not possible"
Please help here.
Thanks
12-05-2020 07:22 AM
Hi @NeWGuy1109
Are you able to push policy to both FTD's?
Please provide the output of "show failover"
12-05-2020 12:33 PM
There is something gone wrong, check the HA Link, Looks like in the network, they are not able to see each other that is the reason it becomes active/active - so check the HA/synch Link between FTD- is this appliance what model or VM?
For now to make it stable - shutdown ( Standby one originally configured) one of them, and investigate the if any physical and failover history show you more information.
12-05-2020 11:45 PM
12-17-2020 08:23 AM
Had to involve TAC for it.. they are still looking into it.
However, it seems something went wrong during the upgrade itself which is unexplained at this point of time
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide