Troubleshooting
Issue |
Solution |
||
---|---|---|---|
How to enable debugging on each Cluster Member Security Gateway that is part of a cluster? |
From the Cluster Member (either one), run in the Expert mode:
Debug output is written to: $FWDIR/log/aws_had.elg
To disable debugging, you MUST run the following command on each Cluster Member:
|
||
What permissions are required for the CloudGuard Security Cluster Members IAM role? |
Example of a JSON script
IAM roles that are not properly configured will prevent the Cluster Members from communicating with AWS to make networking changes if a Cluster Member failure occurs. |
||
Experiencing issues with Cluster |
Verify that the script in charge of communicating with AWS is running on each Cluster Member. On the Cluster Member (either one), run in the Expert mode:
The output should have a line similar to:
|
||
Testing the environment |
For testing the Cluster environment, run in the Expert mode:
This will run tests that verify:
|
||
Routing tables (RTB) do not fail over with AWS cluster members when more than one RTB is configured |
Refer to sk121598. |
||
During failover, the AWS route tables do not change their route from the failed member to standby active member |
|