Policy Push to Multiple Firewalls
I have a question. I have a cluster of firewalls (4) that should all get the same Policy during an install of it. However, there are times when I will see one or two of the systems in the cluster come back and state 'there are no commands to send' but the rest are fine. There are other times that all four get the policy, as it should, each time it gets installed. Can anyone tell me why this is? Why will it send any changes made to the policy to all of the systems one time and at other times one or two of them are 'exempted' (for lack of a better term)? Also, once the policy is installed any subsequent pushes that would include the exempted system(s) from before do NOT get the changes later so the policies are not exact (in case of failover).
Thank you for any response -