Synchronizing Settings
Once you have configured the HA setting on the Primary SonicWALL security appliance, click the Synchronize Settings button. You should see a HA Peer Firewall has been updated message at the bottom of the management interface page. Also note that the management interface displays Logged Into: Primary SonicWALL Status: (green ball) Active in the upper-
By default, the Include Certificate/Keys setting is enabled. This specifies that Certificates, CRLs and associated settings (such as CRL
Tip: A compromise between the convenience of synchronizing Certificates and the added security of not synchronizing Certificates is to temporarily enable the Include Certificate/Keys setting and manually synchronize the settings, and then disable Include Certificate/Keys.
To verify that Primary and Backup SonicWALL security appliances are functioning correctly, wait a few minutes, then power off the Primary SonicWALL device. The Backup SonicWALL security appliance should quickly take over.
From your management workstation, test connectivity through the Backup SonicWALL by accessing a site on the public Internet – note that the Backup SonicWALL, when active, assumes the complete identity of the Primary, including its IP addresses and Ethernet MAC addresses.
Log into the Backup SonicWALL’s unique LAN IP address. The management interface should now display Logged Into: Backup SonicWALL Status: (green ball) Active in the upper-
Now, power the Primary SonicWALL back on, wait a few minutes, then log back into the management interface. If stateful synchronization is enabled (automatically disabling preempt mode), the management GUI should still display
Logged Into: Backup SonicWALL Status: (green ball) Active in the
If you are using the Monitor Interfaces feature, experiment with disconnecting each monitored link to ensure correct configuration.