An administrator has configured a pair of firewalls using high availability in Active/Passive mode.
Path Monitoring has been enabled with a Failure Condition of "any."
A path group is configured with Failure Condition of "all" and contains a destination IP of 8.8.8.8 and 4.2.2.2 with a Ping Interval of 500ms and a Ping count of 3.
Which scenario will cause the Active firewall to fail over?
The path group has a Failure Condition of 'all,' meaning both IP addresses must be unreachable to trigger a failover. With a Ping Interval of 500ms and a Ping count of 3, it will take 3 failed pings at 500ms each to trigger a failure, totaling 1.5 seconds. Thus, if both IP addresses 8.8.8.8 and 4.2.2.2 are unreachable for 2 seconds, the Active firewall will failover.
B) 2 seconds as 3 x 500ms is more than 1 sec, and failure condition set to all means both have to be unreachable> https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/networking/static-routes/configure-path-monitoring-for-a-static-route
B. 500ms interval between pings. Ping count = number of pings to lose before triggering the failure condition. 3 pings x 500ms = 1.5 seconds. At 2 seconds the failure would be initiated. 8.8.8.8 and 4.2.2.2 would have to be unreachable because because it's "all" not "any" https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/device/device-high-availability/ha-link-and-path-monitoring
B - 500 ms = 1.5 seconds
Correct link to study is: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/device/device-high-availability/ha-link-and-path-monitoring