Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Zenarmor causes issues with HA until set to bypass.
« previous
next »
Print
Pages: [
1
]
Author
Topic: Zenarmor causes issues with HA until set to bypass. (Read 138 times)
itngo
Full Member
Posts: 116
Karma: 4
Zenarmor causes issues with HA until set to bypass.
«
on:
November 06, 2024, 07:46:05 am »
We have a HA-Pair Deciso-Appliance here where Zenarmor is currently being evaluated.
We use CARP VIP with unicast, but this issue exists also when multicast was used.
About 12 VLANs and ZA is configured to protect only few of them and at least one dedicated interface.
Every few days and sometimes multiple times a day the firewalls get into split-brain or at least master stops processing traffic for some endpoints. For example 2 server in a subnet can communicate normal while other in the same subnet can not and are also not reachable per ping.
When we set Zenarmor to bypass everything returns to normal. Anyone had this issue already?
Logged
Seimus
Hero Member
Posts: 607
Karma: 59
Re: Zenarmor causes issues with HA until set to bypass.
«
Reply #1 on:
November 06, 2024, 10:19:02 am »
What do the logs say OPNsense General and ZenArmor notification?
Anything weird ongoing there?
Do you see something in the reports of Live sessions in ZA? Any block?
Regards,
S.
Logged
Networking is love. You may hate it, but in the end, you always come back to it.
OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G -
VM HA(SOON)
N100 - i226-V | Crucial 16G 4800 DDR5 | S 980 500G -
PROD
IHK
Full Member
Posts: 104
Karma: 5
Re: Zenarmor causes issues with HA until set to bypass.
«
Reply #2 on:
November 06, 2024, 11:31:11 am »
You can be sure that we will continue to update you through the ticket you created.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Zenarmor causes issues with HA until set to bypass.