Operation: HA Configuration-HA Settings
Description: Configure High Availability. It is a feature wherein two appliances are grouped together in a cluster and instructed to work as a single entity. 

Sample Configuration
<HAConfigure> <!-- Configured HA QuickMode for Auxilliary,Active_Active,Active_Passive --> <HA_Quick> <Device>Auxilliary/Active_Active/Active_Passive</Device> <NodeName /> <DedicatedLink>InterfaceName</DedicatedLink> <Passphrase>text</Passphrase> </HA_Quick> <!-- Configured HA Interactive --> <HA_Interactive> <Device>Auxilliary/Active_Active/Active_Passive</Device> <NodeName /> <!-- Auxilliary Mode --> <Auxilliary> <DedicatedLink>InterfaceName</DedicatedLink> <Passphrase>text</Passphrase> </Auxilliary> <!-- Auxilliary End --> <!-- Active_Active Or Active_Passive Mode --> <ClusterID>Number(0-63)</ClusterID> <Passphrase>text</Passphrase> <DedicatedLink>InterfaceName</DedicatedLink>_ <DedicatedLinkIPAddress /> <MonitorPorts> <Interface>Port1</Interface> <Interface>Port2</Interface> : </MonitorPorts> <PeerAdministrationList> <PeerConfiguration> <Interface>Interface</Interface> <IPAddressV4>mac</IPAddressV4> <IPAddressV6>ip</IPAddressV6> <!-- Selected only for bridge Interface --> <ReserveBridgePort>Member of Bridge</ReserveBridgePort> <!--- Bridge Peer end --> </PeerConfiguration> : </PeerAdministrationList> <KeepAlive_Interval>Number(250-500)</KeepAlive_Interval> <KeepAlive_Attempts>Number(16-24)</KeepAlive_Attempts> <HostMAC>Enable/Disable</HostMAC> <FallbackPrimaryDevice>Enable/Disable</FallbackPrimaryDevice> </HA_Interactive> <!-- Reset Interactive Mode --> <HA_Interactive_Reset /> <!-- Stop Quick Mode --> <HA_Quick_Stop /> <!-- Disable HA --> <DisableHA /> </HAConfigure>



Parameter Mandatory Default Description
HAConfigurationModeYes  
Select configuration mode for the cluster from the available options: Active-Active OR Active-Passive.
HAConfigurationMode confines to:
  • Type is 'SCALAR'.
  • Only 'Active_Active', 'Active_Passive', 'Auxilliary' are allowed.
ClusterIdNo 
Enter cluster id between 0 to 63.
ClusterId confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Range 0 to 63 is allowed.
Keepalive attemptsNo  
Specify the keepalive attempts to make before determining it as device failure (8-16).
Keepalive attempts confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Range 16 to 24 is allowed.
Peer administration settingsNo  
Specify the IP address and port range.
Peer administration settings confines to:
  • Type is 'ARRAY'.
  • Datatype is 'STRING'.
  • Multiple values are allowed.
PortNo  
Select the ports to be monitored and in case any port goes down, the appliance will leave cluster.
Port confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
DedicatedHALinkPortYes  
Specify HA link port through which the two appliances are physically connected.
DedicatedHALinkPort confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
PeerHALinkIPYes  
Specify IP Address configured on the HA link port of the peer appliance.
PeerHALinkIP confines to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS'.
  • Maximum characters allowed are 30.
  • IP Class other than 'MULTICAST', 'RESERVED', 'LOCALHOST', 'UNSPECIFIED', 'BROADCAST' is allowed.
NodeNameYes  
Name of the HA device.
NodeName confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 30.
  • Minimum characters allowed are 1.
EncryptionKeyYes  
Specify 'encryptionkey'
EncryptionKey confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 16.
  • Minimum characters allowed are 8.
Keepalive request intervalNo  
Set the keepalive request interval from 250 to 500 milliseconds.
Keepalive request interval confines to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Range 250 to 500 is allowed.
HA configuration modeNo QuickHAMode 
Select the HA configuration mode.
HA configuration mode confines to:
  • Type is 'SCALAR'.
  • Only '1', '0' are allowed.
FailbackPrimaryDeviceNo No preference 
Select to fail back to the primary device after it recovers.
FailbackPrimaryDevice confines to:
  • Type is 'SCALAR'.
  • Only 'No preference', 'Auxiliary', 'Primary' are allowed.
DisableVMACNo Disable 
Use hypervisor assigned MAC addresses.
DisableVMAC confines to:
  • Type is 'SCALAR'.
  • Only 'Disable', 'Enable' are allowed.
PortNo  
Select the port for Heartbeat Link using which both Appliances in HA would monitor each other.
Port confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.



Operation   Status   Message
HA Configuration-HA Settings200
HA Configuration-HA Settings211
HA Configuration-HA Settings216
HA Configuration-HA Settings500
HA Configuration-HA Settings502
HA Configuration-HA Settings504
HA Configuration-HA Settings505
HA Configuration-HA Settings541
HA Configuration-HA Settings542
HA Configuration-HA Settings543
HA Configuration-HA Settings544
HA Configuration-HA Settings545
HA Configuration-HA Settings546
HA Configuration-HA Settings547
HA Configuration-HA Settings548
HA Configuration-HA Settings549
HA Configuration-HA Settings550
HA Configuration-HA Settings551
HA Configuration-HA Settings554

© Copyright Sophos Firewall Limited. All rights reserved.
Sophos Firewall is registered trademarks of Sophos Firewall Limited and Sophos Firewall Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.