Configuring Primary/Auxiliary Devices

Use this page to configure the Primary/Auxiliary device.
Note
  • No changes in the firewall configuration. Only need to enable SSH on the dedicated interface.
  • Allow SSH traffic for dedicated HA link port on both the devices through Device Access.
  1. Go to System Management > System Settings > System > HA.
  2. Enter High Availability details.
    Serial Number
    Displays Serial Number of Device.
    Peer Serial Number

    Displays peer’s Serial Number if HA is enabled.

    In case of Primary Device, it displays the Auxiliary Serial Number.

    In case of Auxiliary Device, it displays the Primary Serial Number.

    Initial HA Device State

    Select to set intital device state from the available options.

    Available Options:
    • Primary
    • Auxiliary
    Passphrase
    Passphrase - Specify a passphrase for communication.
    Confirm Passphrase - Confirm the specified passphrase.
    Note To configure HA, both devices in the cluster must have the same passphrase.
    Dedicated HA Link Port
    Specify HA link port.

    HA peers are physically connected using a crossover cable through this port. The same port must be used as an HA link port on peer Device also.

    For example, if port E is configured as HA link port on Primary Device then use port E only as HA link port on Auxiliary Device. Make sure that the IP Address of HA link port for both, the Primary Device and Auxiliary Devices are in same subnet and SSH is enabled on both. Cluster Devices use this link to communicate cluster information and to synchronize with each other.

    Peer HA link IP
    Specify IP Address configured on the HA link port of the peer Device.
    Note Available only for Primary Device.
    Peer Administration Port
    Specify Administration Port for Auxiliary Device. This port can be used for administration purpose.
    Note Available only for Primary Device.
    Peer Administration IP
    Specify Administration IP Address for Auxiliary Device.

    With this IP Address, the Admin Console of Auxiliary Device can be accessed. Any user accessing Web Admin Console of Auxiliary Device will be logged -in with HA Profile and have read-only rights.

    Note Available only for Primary Device.
    Select Ports to be Monitored
    Select the ports to be monitored.

    Both the Devices will monitor their own ports and if any of the monitored port goes down, Device will leave the cluster and failover will occur.

    Note This feature is not supported in Virtual Security Devices.
    Note Available only for Primary Device.
  3. Click Enable HA to enable HA.
    Note The Device from which HA is enabled, acts as a primary Device while the peer Device acts as auxiliary Device.
    Note This feature is not supported in Virtual Security Devices.
    Note Available only for Primary Device.
    Figure: High Availability Details

If everything is cabled and configured properly and HA is enabled successfully:

  • Both Devices will have the same configuration except the HA link port IP Address.
  • By default, as soon as HA is enabled successfully, both the Devices will synchronize automatically.