SonicWALL NSA 5000, 3500, 4500 Configuring High Availability, Configuring Advanced HA Settings

Page 30

Configuring High Availability

The first task in setting up HA after initial setup is configuring the High Availability > Settings page on the Primary SonicWALL security appliance. Once you configure HA on the Primary SonicWALL security appliance, it communicates the settings to the Backup SonicWALL security appliance.

To configure HA on the Primary SonicWALL, perform the following steps:

1.Navigate to the High Availability > Settings page.

2.Select the Enable High Availability checkbox.

3.Under SonicWALL Address Settings, type in the serial number for the Backup SonicWALL appliance.

You can find the serial number on the back of the SonicWALL security appliance, or in the System > Status screen of the backup unit. The serial number for the Primary SonicWALL is automatically populated.

4.Click Apply to retain these settings.

Configuring Advanced HA Settings

1.Navigate to the High Availability > Advanced page.

2.To configure Stateful HA, select Enable Stateful Synchronization. A dialog box is displayed with recommended settings for the Heartbeat Interval and Probe Interval fields. The settings it shows are minimum recommended values. Lower values may cause unnecessary failovers, especially when the SonicWALL is under a heavy load. You can use higher values if your SonicWALL handles a lot of network traffic. Click OK.

Tip: Preempt mode is automatically disabled after enabling Stateful Synchronization. This is because preempt mode can be over-aggressive about failing over to the backup appliance. For example if both devices are idle, preempt mode may prompt a failover.

3.To backup the firmware and settings when you upgrade the firmware version, select Generate/Overwrite Backup Firmware and Settings When Upgrading Firmware.

4.Select the Enable Virtual MAC checkbox. Virtual MAC allows the Primary and Backup appliances to share a single MAC address. This greatly simplifies the process of updating network ARP tables and caches when a failover occurs. Only the WAN switch that the two appliances are connected to needs to be notified. All outside devices will continue to route to the single shared MAC address.

SonicWALL NSA 5000/4500/3500 Getting Started Guide Page 29

Page 29 Page 31
Image 30
Page 29 Page 31
Contents Getting Started Guide Document Contents SonicWALL NSA Getting Started GuideBack SonicWALL NSA SeriesPre-Configuration Tasks This SectionCheck Package Contents Obtain Internet Service Provider ISP Information Obtain Configuration InformationAdministrator Information Registration InformationFront Panel Power Supply Back Panel8 The Back Panel Registering Your Appliance on mysonicwall.com Before You Register Registering and Licensing Your Appliance on mysonicwall.com Product RegistrationGateway Services Licensing Security Services and SoftwareService Bundles Support ServicesSonicWALL NSA 5000/4500/3500 Getting Started Guide Registering a Second Appliance as a Backup Registration Next StepsDeployment Scenarios ABC Selecting a Deployment ScenarioScenario a NAT/Route Mode Gateway Scenario B State Sync Pair in NAT/Route Mode Scenario C L2 Bridge Mode Initial Setup Connecting the WAN PortSystem Requirements Connecting the LAN Port Applying PowerAccessing the Management Interface Accessing the Setup WizardConnecting to Your Network Testing Your ConnectionActivating Licenses in SonicOS Saving a Backup Copy of Your Preferences Upgrading Firmware on Your SonicWALLObtaining the Latest Firmware Using SafeMode to Upgrade Firmware Upgrading the Firmware with Current SettingsUpgrading the Firmware with Factory Defaults On the System Settings page, click Upload New FirmwareUploaded Firmware New Confirmation dialog box, click OK to proceedConfiguring a State Sync Pair in NAT/Route Mode Initial High Availability SetupScenario B Configuring High Availability Configuring Advanced HA SettingsNavigate to the High Availability Advanced 30 Configuring a State Sync Pair in NAT/Route Mode Synchronizing Settings Adjusting High Availability Settings Synchronizing FirmwareHA License Configuration Overview Associating Pre-Registered Appliances Click RegisterConfiguring L2 Bridge Mode Configuring the Primary Bridge InterfaceConnection Overview Configuring the Secondary Bridge Interface IP Assignment drop-down, select Layer 2 Bridged ModeAdditional Deployment Configuration Creating Network Access Rules WAN DMZSonicWALL NSA 5000/4500/3500 Getting Started Guide Creating a NAT Policy SonicWALL NSA 5000/4500/3500 Getting Started Guide Configuring Address Objects Configuring NAT Policies Leave Create a reflexive policy uncheckedEnabling Security Services in SonicOS Enabling Gateway Anti-VirusSonicWALL NSA 5000/4500/3500 Getting Started Guide Enabling Intrusion Prevention Services Security Services Gateway Anti-Virus page, click AcceptSecurity Services Intrusion Prevention page, click Accept Enabling Anti-Spyware Applying Security Services to Network Zones Deploying SonicPoints for Wireless Access Configuring SonicPoint Provisioning ProfilesUpdating SonicPoint Firmware Select Enable SonicPoint 802.11g Radio tab Select Enable RadioConfiguring a Wireless Zone Assigning an Interface to the Wireless Zone Connecting the SonicPoint Troubleshooting Diagnostic Tools Using Packet CaptureUsing Ping Using the Active Connections Monitor Using Log View Deployment Configuration Reference Checklist For this Task See this ChapterSupport and Training Options Support Services Customer SupportSonicWALL Live Product Demos Knowledge PortalUser Forums Training Related Documentation Product Safety and Regulatory Information Rack Mounting the SonicWALL Safety and Regulatory InformationLithium Battery Warning Cable ConnectionsHinweis zur Lithiumbatterie Safety and Regulatory Information in GermanWeitere Hinweise zur Montage KabelverbindungenCispr 22 EN 55022 Class a FCC Part 15 Class a NoticeCanadian Radio Frequency Emissions Statement Regulatory Information for KoreaCopyright Notice Trademarks70 Notes SonicWALL NSA 5000/4500/3500 Getting Started Guide 72 Notes Rev a 01/08
Top Page Image Contents