Checking Firewall Health in Azure and GCP

Adding FireNet to a Transit gateway in Azure or GCP automatically creates Load Balancers in those clouds. HTTPS in these Load Balancers performs the firewall health check (not ping). You must disable ping in the interface management profile of your Azure or GCP firewalls.

Click here for more information on load balancing between different firewalls.

In Azure:

  • You can check the health probe status under Monitor > Metrics. See this article for more information.

  • The State column on the Gateway page in the Aviatrix Controller only reflects if the firewall is up or not. It does not reflect if the firewall is responding to health checks. You must check the health of the firewall in the Azure portal.

In GCP:

  • You can check the health status of the backend under Network services > Load balancing > Load balancer details. See this article for more information.

  • The State column on the Gateway page in the Aviatrix Controller reflects the health status of the firewall from the GCP load balancer.