Meraki

Community

MX HA need to know which is active firewall serving traffic

Solved
Mohanms
Conversationalist
‎Oct 2 2024 2:04 AM
‎Oct 2 2024 2:04 AM

MX HA need to know which is active firewall serving traffic

Hello Gents ,

I have 2 MX  HA . each MX is having 2 ISP links . My question is anywhere we can find which is the active firewall serving traffic  MX01 or MX02 ? .Im really getting confused  while troubleshooting .

Labels:
0 Kudos
1 Accepted Solution
In response to DarrenOC
Mohanms
Conversationalist
‎Oct 2 2024 2:19 AM
‎Oct 2 2024 2:19 AM

Hi @DarrenOC  The situation I faced is under security &SDWAN I saw primary current master as MX1 and Spare as MX2 but MX2 is the one serving internet traffic to clients.Can you help me here 

View solution in original post

0 Kudos
4 Replies 4
DarrenOC
Kind of a big deal
Kind of a big deal
‎Oct 2 2024 2:15 AM
‎Oct 2 2024 2:15 AM

Hi @Mohanms , the dashboard will tell you which MX is the Active one.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
Mohanms
Conversationalist
‎Oct 2 2024 2:19 AM
‎Oct 2 2024 2:19 AM

Hi @DarrenOC  The situation I faced is under security &SDWAN I saw primary current master as MX1 and Spare as MX2 but MX2 is the one serving internet traffic to clients.Can you help me here 

0 Kudos
In response to Mohanms
DarrenOC
Kind of a big deal
Kind of a big deal
‎Oct 2 2024 2:53 AM
‎Oct 2 2024 2:53 AM

Hi @Mohanms , that’s not what I would expect.  The Active should be the one serving traffic.  Are your connections connected the right way round?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
MariamT
Here to help
‎Oct 2 2024 4:53 AM
‎Oct 2 2024 4:53 AM

Helo @Mohanms , MX2 is normally passive and should not handle any traffic unless MX1 is down .

 if the MXs are connected to the same ISPs  check the cabling  , check if you have misconfigured a vip for the MXs, if you disable MX2  as a spare, what's the output of the Tshoot ? are you sure that the MX1 and 2 see each other through LAN (VRRP) and are on master/spare mode ? they may be both on master mode and you have an asymmetric routing . I think that a deep Tshoot can show what's wrong in this case , if all is good, I suggest that you ask for Meraki support help .

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.