 Re: Phase 2 problems after firewall failover
This issue has been resolved successfully.
The problem was a combination of 2 configuration settings.
1. On the backup firewall the "Accept connections to VRRP IP address" wasn't enabled in IPSO. This should be enabled.
2. On the firewall cluster object the parameter "ike_support_crash_recovery_sr" was set to false. This should be set to true. This setting must be changed through the GUIDBedit tool or through vi. |