Hi all,
I've usually used Juniper firewalls and juniper switches but recently moved over to Palo Alto's for the firewall, while keeping Juniper switches for the access and distro layer. This is the first time I'm attempting an HA setup with the PA's and I'd like to solicit some info from the PA experts out there.
On the Juniper side I've got:
node0 port xe-0/0/0 (aeo) -------> PA node1 port eth1/14 (ae1)
node1 port xe-0/0/0 (ae0) -------> PA node2 port eth1/14 (ae1)
I'm using an active/passive on the PA so the aggregate is only setup for redundancy. However I'm not getting link lights and the ports show down. I'm a little confused on how PA's in an HA config handle aggregate groups spanning two nodes (if it's even possible).
Basically the goal is to have redundancy in case one firewall goes down; I'd appreciate any insight from the PA experts. Thanks!
piece of the simplified diagram for visual reference:
https://drive.google.com/file/d/12WXP_EmFrQ-2pQtc2GsGv8KkfUw_emx_/view?usp=sharing
No comments:
Post a Comment