Firewall HA pair syncs config but not session state

MSP Toolkit
Minimal guidance for messy support realities.
Submitted by Anonymous (not verified) on

Scenario

A failover cluster shows synchronized configuration, but active sessions drop whenever a failover occurs.

Recommended Resolution Path

  1. Verify session pickup or state sync is supported and enabled for the platform and licenses in use.
  2. Check dedicated sync interface health, MTU, and error counters.
  3. Run a controlled failover test with benign traffic so you can observe the exact break.
  4. If config sync works but state sync does not, avoid assuming HA is truly production-ready.

Technician Notes

Document what changed, what confirmed the fix, and whether the issue points to a broader standards gap worth addressing for the client.

Subjects
Networking
Firewalls & Routing