If I have an HA pair of firewalls in active-active mode, how does the in (WAN) side know which one of the firewalls to send the traffic to?
In my situation, I have Cisco switches before & after a pair of FortiGate 500e NGFWs. The source port only has 1 IP that is mirrored on both firewalls. If I change the firewall to an active-passive pair, traffic flows. I assume traffic flows because now only 1 device has the IP.
No comments:
Post a Comment