Kian Mohageri wrote:
On 7/31/06, Tim Pushor <[EMAIL PROTECTED]> wrote:
Sorry to bump this thread, but I'd really like to know how to
troubleshoot something like this.
I'd suggest tcpdump'ing at the point when the connection fails, on the
pflog(4) interface of both machines, especially the backup which is
apparently dropping traffic after failover. Also, you haven't said whether
there are any packet filters enabled on the client/server themselves, though
I'd assume not.
Thanks Kian - you are correct - they are just workstations on either
side of the firewall cluster used for testing. They are wide open.
I watched the log while attempting the failover. I block log all, so its
the first place I look I also watched syslog running with pfctl -x loud,
and verified that the state was properly propagated to the backup firewall.
Anything else anyone can think of?
Thanks,
Tim
