cancel
Showing results for 
Search instead for 
Did you mean: 

SSL VPN Bytes received in NC tunnel stays 0 after A/P failover

Highlighted
Occasional Contributor

SSL VPN Bytes received in NC tunnel stays 0 after A/P failover

After a software upgrade our test plan includes a forced fail-over. After doing this a small number of specific IPs within a few roles seem normal except for 0 rec bytes. Could this be a problem with gratuitous ARP not changing the assigned pool IP to point to the active IVE? If I see this again I'll display the router's ARP table. I think this eventually fixes itself after ARP entry times out.

1 REPLY 1
Highlighted
Occasional Contributor

Re: SSL VPN Bytes received in NC tunnel stays 0 after A/P failover

After another test it has been determined that the router arp table has some NC IP pool addresses pointing to the NIC on the active box and some point to the NIC on the standby box. Since the arp table eventually times out, this would fix itself over time. Now we know to do a manual clear arp table in the router should there be a fail over for any reason. There might also be some problem with the active box not issuing arp or garp to set the table correctly.