Support Center > Search Results > SecureKnowledge Details
Cluster member might crash when processing a NAT connection, if SecureXL is not enabled on all cluster members
Symptoms
  • Cluster member might crash in the following scenario:

    • This cluster member became Active
    • SecureXL is enabled on this cluster member
    • SecureXL is not enabled on all members in the cluster
    • NAT rules exist in the policy
Cause

Since SecureXL is not enabled on all members in the cluster, FireWall and SecureXL tables of which NAT ports were allocated to which cluster member are not synchronized. As a result, FireWall created and offloaded a NAT connection using a NAT port that is not within the SecureXL range of allocated NAT ports. This caused the cluster member to crash.


Solution
Note: To view this solution you need to Sign In .