Public IP address for Azure Cluster does not fail over when Nat Rule is configured on Azure Load Balancer in CloudGuard (vSEC) for Azure environment
||CloudGuard for Azure
|Platform / Model
- Public IP address for Azure Cluster does not fail over, when Nat Rule is configured on Azure Load Balancer in CloudGuard (vSEC) for Azure environment.
- This issue only occurs on the Microsoft Azure for deployment template version: 20180301 and above.
- The following error appears in the $FWDIR/log/azure_had.elg logs:
"RequestException: HTTP/1.1 400 Bad Request"
- The following error appears in the Azure event logs for the Resource Group that the Public IP address belongs in - "Microsoft.Network/networkInterfaces/write","Failed","Error"," "
Microsoft Azure has changed the API permissions that are used for updating a Public IP address. The API calls that are made from the azure_had.py script are no longer able to make the required calls to update the Public IP address to the new active member.
Note: To view this solution you need to