A company is deploying a new firewall in active/passive high availability. The two firewalls are connected directly via the HA1 and HA2 interfaces. After configuration, the passive firewall shows 'HA state: passive' but the active firewall shows 'HA state: non-functional'. What is the most likely cause?
Trap 1: The HA1 link is down or misconfigured.
HA1 is for heartbeat; if down, the firewalls would not form a pair.
Trap 2: The HA2 link is being used for management traffic.
HA2 should be dedicated for synchronization; management traffic should not be sent over it.
Trap 3: The preemptive setting is enabled on both firewalls.
Preemption determines which firewall becomes active; it does not cause a non-functional state.
- A
The HA1 link is down or misconfigured.
Why wrong: HA1 is for heartbeat; if down, the firewalls would not form a pair.
- B
The HA2 link is being used for management traffic.
Why wrong: HA2 should be dedicated for synchronization; management traffic should not be sent over it.
- C
The preemptive setting is enabled on both firewalls.
Why wrong: Preemption determines which firewall becomes active; it does not cause a non-functional state.
- D
The HA2 link is down or misconfigured.
HA2 is required for session synchronization; if it fails, the active firewall reports non-functional.