In a HA Active-Active setup, how do you bring a firewall out of Suspended (Non-Functional Loop) mode when link monitoring is enabled, and is forcing the firewall back into Suspended state?

In a HA Active-Active setup with 'any' link monitoring enabled, one of the firewalls may get into a state where:

• The links go down (for reasons not discussed in this article) causing the firewall to go into Suspended (Non-Functional Loop) mode.
• Enabling the links when firewall is in Suspended state would not bring the links up.
• Moving the firewall out of Suspended mode would not work as the firewall would detect the links being down, and link monitoring forces the firewall back into Suspended state.

How do you bring the firewall back to Active state in such scenarios?

NGFW

Disable and re-enable link monitoring:

• Go to Device > High Availability > Link and Path Monitoring and uncheck Enabled.
• Commit the configuration.
• Move the firewall out of Suspended state.
• Enable/bring the concerned links back up.
• Go to Device > High Availability > Link and Path Monitoring and check Enabled.
• Commit the configuration.

Alternatively, you can choose to remove the specific links from monitoring:

• Remove interfaces from Device > High Availability > Link and Path Monitoring > Link Group.
• Commit the configuration.
• Move the firewall out of Suspended state.