For firewalls in a
high availability (HA)
configuration, the service route configuration is synchronized across the HA peers.
For firewalls in an
active/passive high
availability (HA), the service route you configured to leverage an
external service or for log forwarding sees activity only on the
active
HA peer while the
passive
HA peer sees no activity if you configured
an Ethernet interface as the
Source Interface
. For example,
you configure a service route with Ethernet 1/3 as the source interface to forward
logs to Cortex Data Lake. In this scenario, all logs are forwarded from the
active
HA peer but no logs, including the system
and configuration logs, are forwarded from the
passive
HA peer. However, if you configure the MGT interface as the service route
Source Interface
, activity occurs on both the
active
and
passive
HA
peers.