Connect the HA ports on the Primary SonicWALL and Backup SonicWALL appliances with a CAT6-rated crossover cable (red crossover cable). The Primary and Backup SonicWALL security appliances must have a dedicated connection using the HA interface. SonicWALL recommends cross-connecting the two together using a CAT 6 crossover Ethernet cable, but a connection using a dedicated 100Mbps hub/switch is also valid.

Power up the Primary SonicWALL security appliance, and then power up the Backup SonicWALL security appliance.

Do not make any configuration changes to the Primary’s HA interface; the High Availability configuration in an upcoming step takes care of this issue. When done, disconnect the workstation.

Configuring High Availability

The first task in setting up HA after initial setup is configuring the High Availability > Settings page on the Primary SonicWALL security appliance. Once you configure HA on the Primary SonicWALL security appliance, it communicates the settings to the Backup SonicWALL security appliance.

To configure HA on the Primary SonicWALL, perform the following steps:

1.Navigate to the High Availability > Settings page.

2.Select the Enable High Availability checkbox.

3.Under SonicWALL Address Settings, type in the serial number for the Backup SonicWALL appliance.

You can find the serial number on the back of the SonicWALL security appliance, or in the System > Status screen of the backup unit. The serial number for the Primary SonicWALL is automatically populated.

4.Click Apply to retain these settings.

Configuring Advanced HA Settings

1.Navigate to the High Availability > Advanced page.

2.To configure Stateful HA, select Enable Stateful Synchronization. A dialog box is displayed with recommended settings for the Heartbeat Interval and Probe Interval fields. The settings it shows are minimum recommended values. Lower values may cause unnecessary failovers, especially when the SonicWALL is under a heavy load. You can use higher values if your SonicWALL handles a lot of network traffic. Click OK.

3.To backup the firmware and settings when you upgrade the firmware version, select Generate/Overwrite Backup Firmware and Settings When Upgrading Firmware.

4.Select the Enable Virtual MAC checkbox. Virtual MAC allows the Primary and Backup appliances to share a single MAC address. This greatly simplifies the process of updating network ARP tables and caches when a failover occurs. Only the WAN switch that the two appliances are connected to needs to be notified. All outside devices will continue to route to the single shared MAC address.

5.Optionally adjust the Heartbeat Interval to control how often the two units communicate. The default is 5000 milliseconds; the minimum recommended value is 1000 milliseconds. Less than this may cause unnecessary

SonicWALL NSA E6500 Getting Started Guide Page 33

Page 33 Page 35
Page 34
Image 34
SonicWALL E6500 manual Configuring High Availability, Configuring Advanced HA Settings
Page 33 Page 35
Top Page Image Contents