InterviewSolution
Saved Bookmarks
InterviewSolution
| 1. |
In Palo Alto, which port types are recommended for use in a HA pair? |
|
Answer» We recommend using the dedicated HA ports for HA Links and Backup Links when CONNECTING two PALO Alto Networks® firewalls in a HIGH availability (HA) configuration. The HA1 ports LABELLED HA1, HA1-A, and HA1-B are USED for HA control and synchronisation traffic, whereas the HA2 and High-Speed Chassis Interconnect (HSCI) ports are utilised for HA session setup traffic. AUX-1 and AUX-2 are multipurpose auxiliary ports on the PA-5200 Series firewalls that can be configured for HA1 traffic. The HSCI port, which is utilised for packet forwarding to the partner firewall during session setup and asymmetric traffic flow (active/active HA only), can also be configured for HA3. The HSCI port can be utilised for both HA2 and HA3 traffic. You can use data ports as HA interfaces if your firewall doesn't have specialised HA ports. You can configure data ports as backups to dedicated HA ports if your firewall has dedicated HA ports but not a dedicated HA backup port. |
|