Network Admin Life - Firewall Upgrade Complete!

Interesting content, complex issue well explained and definitely intrigued as to the solution for this one.

aaronmckeever

it sounds like an issue with the routing protocols, either on the core switches, or the firewalls. I have seen some devices take up to 5 mins to switch routes due to different timings and which routing protocols are being used.

johng.

Condolences to your father and all family. Great video as always and save journey.

linton

Prayers and condolences to you and your family. As an active-duty military member, I truly appreciate your father's service and the sacrifices he gave for this country. I'm starting a new career path in IT in the military and your videos have been a helpful insight into how things are in the civilian world. Safe travels.

vance

There are many of us that started out on the Help Desk - you can learn a LOT and learn it FAST in that environment. I went on to become a Unix programmer, team manager, then moved into security consulting. I've been working as a computer security compliance officer for State Agency for the pas 13 years, and now looking forward to rolling up my tech manuals and heading off into the tech sunset. I will of course continue making the videos I enjoy on general computer tech for my Channel. Take care on you trip over the Rockies - I did my first year in that neighborhood as a US Air Force Academy cadet many many years ago.

PEDoers

Just curious, How are your Firewalls connected to the EMR Provider? Physical cross-connect or VPN? Also could you not ping the EMR Provider from the Palo Alto’s directly via a loopback interface? What type of routing are you running between palos and switches?

cd

It sounds like a route is missing on the cores connecting to the secondary firewall. I remember troubleshooting a similar issue years ago and after going through our switch config line by line it basically boiled down to a missing route statement.

Mitchell

If it's VWire your cores are L2 to the EMRs ASA-firewalls? I guess you have one vlan on each side of the firewall or physical interfaces on the EMR side (and a vlan on yours)?
It note hooked up in such way that if you primary fails and the EMRs secondary fails, you'll lose connectivity? There a cross-path for either two firewalls to fail?

What about something easy like the vlan is not tagged/allowed on the ports to the second firewall?

knightjocke

Good Morning, thank you for the insight of day to day issue admins deal with. I know that you are not looking for people to actually help troubleshoot with you but from my perspective on listening it would be great to know some basic things viia the OSI model. For example when talking about troubleshooting what does the traceroute show when your in the failover state? layer 1 seems to be intact, layer 2 arp tables going to the right mac of the firewalls, layer 3 going to the right ip or vip? stuff like that. Not being rude any way just thought the feedback from a subscriber would help with some content on our perspective(or at least mine). Happy Hunting! Thanks again.

privacypendulum

Interested to see what the solution will be. Stay strong with regards of your father! God bless

corstian_

Grace and Peace to you and all the saints here in NC!! Thanks for another great troubleshooting video! I always enjoy when you have real world network issues for us!! Keeps me thinking as I am still a student of this art!! I appreciate all that you do for us and look forward to the next issue! But i'm sure you''re not😆😆😆See you next time!!! Be well, be safe, be blessed and Cheers!!

samjones