Filter
Top Products
Configuring a Stateful HA Pair | 40
3. In the Secondary IP Address field, enter the unique LAN
or WAN management IP address of the Secondary
appliance.
4. Select the Allow Management on Primary/Secondary IP
Address checkbox.
5. Optionally Enable Physical / Link Monitoring by selecting
the checkbox.
6. Optionally enable Logical / Probe IP Address by selecting
the checkbox and providing the IP Address of the target
host.
7. Click OK.
You can repeat these steps to configure Monitoring on other
interfaces.
For more information regarding the optional settings, see the
SonicOS Administrator’s Guide.
Synchronizing Settings
Once you have configured the HA setting on the primary Dell
SonicWALL appliance, click the Synchronize Settings button.
You should see a HA Peer Firewall has been updated
message at the bottom of the management interface page. Also
note that the management interface displays Logged Into:
Primary SonicWALL Status: Active in the upper-right-hand
corner.
By default, the Include Certificate/Keys setting is enabled.
This specifies that Certificates, CRLs and associated settings
(such as CRL auto-import URLs and OCSP settings) are
synchronized between the primary and secondary units. When
Local Certificates are copied to the secondary unit, the
associated Private Keys are also copied. Because the
connection between the primary and secondary units is typically
protected, this is generally not a security concern.
Note: A compromise between the convenience of
synchronizing Certificates and the added security of not
synchronizing Certificates is to temporarily enable the
Include Certificate/Keys setting and manually
synchronize the settings, and then disable Include
Certificate/Keys.
To verify that primary and secondary Dell SonicWALL
appliances are functioning correctly, wait a few minutes, then
power off the primary device. The secondary appliance should
quickly take over.
From your management workstation, test connectivity through
the secondary appliance by accessing a site on the public
Internet – note that the secondary appliance, when active,
assumes the complete identity of the primary appliance,
including its IP addresses and Ethernet MAC addresses.
Log into the secondary appliance’s unique LAN IP address. The
management interface should now display Logged Into:
Backup SonicWALL Status: Active in the upper-right-hand
corner.