Failover Traffic from Palo Alto Active Firewall to Passive Firewall:

Raghavendra Seshumurthy

 

Steps:

  1. Login to the active device through webui https://PA-FW-IP-Address
  2. Go to Device
  3. Click on high availability
  4. Click on operational commandsPA-FW-HA
  5. Click “Suspend local device”
  6. Now secondary firewall will move to Active status.

Bring back affected firewall to production:

  1. Once you fix all the issues related to previous active firewalls, bring the firewall back to production using below steps.
  2. Go to Device through webui https://PA-FW-IP-Address
  3.  Click on high availability
  4.  Go to operational commands.
    PA-HA-2
  5.  Click on ” Make local device functional”.
  6.  Now both device are moved to Active/Passive state.

Published by Raghavendra Seshumurthy

My name is Raghavendra Seshumurthy. Presently I am working as a technolgy manager for Microland Organization. I have experience on security/cloud products: F5, Checkpoint, ASA, PA, AWS, Bluecoat, VPN, PITC, Zscaler, Azure, GCP, network, security, cloud. This blog is created just to share thoughts on new technologies and features in the network, security and cloud environment.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s