Firewall rules and removed interfaces



  • I noticed something while doing some maintenance on my firewalls. Recently we made a number of changes to our network which resulted in the removal of about 25 VLANs. Around that time I noticed that I was having some minor issues with the firewalls. One in particular was annoying. Every few hours the same port on the main firewall would switch from master to backup and back again, all within a couple of seconds. I followed a number of recommendations found in the forums on adjusting the base and the skew, with no effect. What seems to have resolved the issue was a firewall rule that I missed related to one of the removed VLANs. Now that I have removed that rule, the problem seems to have been resolved. As a suggestion, would it be possible to have a rule that does not have a valid interface associated with it automatically disabled? I am wondering now, since that rule was near the top of the list, what else it may have been affecting.

    Thanks

