Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Firewall Reboot in Standby State with in HA status

The Secondary firewall is currently Active.

The Standby (Primary firewall) rebooted after making changes to the interface and some policies.

[tracelog]

07/21 10:16:46.816: ha - HA Primary [I] : In SYNC state - Peer was in ACTIVE state

07/21 10:16:52.928: ha - HA Primary [I] : Starting to Import Prefs in to Flash, PrefsTimeStamp : 0x3606bcf9cf

07/21 10:16:58.608: ha - HA Primary [I] : Prefs Imported in to the Flash, PrefsTimeStamp : 0x3606bd3a1e, rc:0x10010849

07/21 10:16:58.624: ha - HA Primary [I] : Rebooting after configuration sync...

07/21 10:16:58.624: ha - HA Primary [I] : In REBOOT state - Peer was in ACTIVE state


I have a question here.

1. Sometimes the Standby firewall reboots after the firewall changes settings, is this symptom intended?

1-1 What should I do to prevent the standby firewall from rebooting?

2. Is there a clear condition for a reboot in a situation like this?

Category: High End Firewalls
Reply

Answers

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    @sonicwall_beta_user,

    just let us know below information to identify the issue;

    What kind of the interface change are you done?

    Are you configured Active/Active HA or Active/Passive?

    Did you tried to configure any interface as Portshield Group?

  • Hi,


    Please refer to the following,


    What kind of the interface change are you done?

    A: The static IP assignment setting of the X5 interface has been changed to disabled.


    Are you configured Active/Active HA or Active/Passive?

    A: This is the Active/Standby setting.


    Did you tried to configure any interface as Portshield Group?

    A: No.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    @sonicwall_beta_user

    The static IP assignment setting of the X5 interface has been changed to disabled. --> Is this interface used for HA availability / Data link? If you disabled the interface which you dedicated for the HA/Data link, Firewall will frequently start reboot.

    If you are not changed the HA Availability/Data link interface, Check the both interface cable is connected properly. If the cable is loos, Firewall start reboot.

  • HA ports are separate (X6/X7), and these ports are unused. I tried to use it, but I disabled it because I didn't use it.

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    What model and firmware are you using? I have a Gen 6 NSA on 6.5.4.9 that crashes if I do what your describing...

  • Model is NSA6600, Firmware is 6.5.2.2-44n.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    @sonicwall_beta_user

    the firmware which you currently using its very very old. upgrade your firmware to the last general release and try.

  • jgrimesjgrimes SonicWall Employee

    This is completely normal.

    The Active firewall will feed configuration changes to the Inactive firewall. The [I] (the capital letter "i" in the brackets) means the Primary is the inactive unit and the Secondary is the active unit. On occasion the inactive unit will reboot. This is done to keep your inactive unit current with the active unit. Essentially, this is you Stateful High Availability at work.

    For more about that go to sonicwall.com/support and search for "What is a Stateful High Availability?"

    Remember, it is always the active unit that controls the configuration.

    I have to agree with Ajshlal, 6.5.2.2 is three and a half years old. You do need to upgrade as some point.

  • @jgrimes

    Thank you for your interest in my question.

    I checked the "What is a Stateful High Availability?" you advised.

    And you said, " On occasion the inactive unit will reboot."

    But there's no specific mention of what kind of environment the idle unit is rebooting in.

    Can you tell me what conditions or environments idle unit can reboot?

Sign In or Register to comment.