Hi Dinh,
I am glad it helped and thank you for sharing the result.
If your problem is solved, it will be helpful for others if you mark the answer as "best answer".
------------------------------
Cezmi Cal
Consultant
Barikat Internet Guvenligi Bilisim Ticaret A.S.
Ankara
------------------------------
Original Message:
Sent: 06-13-2024 03:21
From: Dinh Ngo Van
Subject: [WAF_On-premises] Mismatch configuration between two gateway devices at the same device group
Thanks Cezmi for your helpful information. I followed your guideline and this is the result – it's done and the configuration on WAF-01 has been changed to match WAF-02.
------------------------------
Dinh Ngo Van
Network Security
Misoft
Bac Ninh
Original Message:
Sent: 06-12-2024 05:36
From: Cezmi Cal
Subject: [WAF_On-premises] Mismatch configuration between two gateway devices at the same device group
Hi Dinh,
Could you try to toggle bridge ha configuration by navigating to impcfg>Gateway>Interfaces path as seen on the screenshot below on GW1 in order to to make the same configuration as GW2? Then please share the results here.
------------------------------
Cezmi Cal
Consultant
Barikat Internet Guvenligi Bilisim Ticaret A.S.
Ankara
Original Message:
Sent: 06-12-2024 00:46
From: Dinh Ngo Van
Subject: [WAF_On-premises] Mismatch configuration between two gateway devices at the same device group
Hi everyone,
According to our design, our two gateway devices operate independently and do not run HA (High Availability) between the two devices (expect work as TRP mode and fail-open operation). We see that device WAF-02 is operating as expected, but device 01 is not fail-open as a configuration with error log as below (note that two gateways is not running in HA) and same configuration at the same device group.
I see some differences in the configuration within the folder GTI: info/gwstatus.xml
files across two devices. Despite configuring a Gateway group on MX and adding both devices to it, these differences persist. I'm unsure of the cause.
how could i configure WAF-01
to match WAF-02
's configuration, specifically setting fail-open
to true
, is-ha
to false
, and ensuring that all bridges are set to is-ha-active=true
?
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Dinh Ngo Van
Network Security
Misoft
Bac Ninh
------------------------------