Two firewalls are deployed in hot standby networking. On the active
firewall, the administrator adds GigabitEthernet1/0/2 to the Trust zone, but
the configuration is not synchronized to the standby firewall.
Step 1: Check the hot standby configuration. The automatic backup
function is enabled.
Step 2: Create a temporary ACL on the active firewall and check whether the ACL
configuration can be properly synchronized to the standby firewall. If yes, the
automatic backup function is normal.
Step 3: Check the configurations on the standby firewall. GigabitEthernet1/0/2
has been assigned to the DMZ.
Step 4: On the active firewall, disable the automatic configuration backup function.
Step 5: On the standby firewall, delete GigabitEthernet1/0/2 from the DMZ and
assign it to the Trust zone.
Step 6: On the active firewall, enable the automatic configuration backup
Automatic configuration backup is disabled.
The backup mechanism in hot standby deployment prevents configuration
commands from being backed up.
By default, configurations of the active firewall, such as the zone,
ACL, and attack defense configurations can be automatically backed up to the
standby firewall. If redundant configurations exist on the standby firewall
before hot standby is enabled, the configuration on the active firewall
conflicts with that on the standby firewall. As a result, the automatic backup