High Availability Page 225
14 High Availability
Given the critical nature of Internet connections, SonicWALL High Availability is standard on the
SonicWALL product line. SonicWALL High Availability eliminates network downtime by allowing the
configuration of two SonicWALLs (one primary and one backup) as a High Availability pair. In this
configuration, the backup SonicWALL monitors the primary SonicWALL and takes over operation in
the event of a failure. This ensures a secure and reliable connection between the protected network
and the Internet.
Before Configuring High Availability
Before attempting to configure two SonicWALLs as a High Availability pair, check the following
requirements:
• You have two (2) SonicWALL Internet Security Appliances. The High Availability pair must consist
of two identical SonicWALL models.
• You have at least one (1) valid, static IP address available from your Internet Service Provider
(ISP). Two (2) valid, static IP addresses are required to remotely manage both the primary Son-
icWALL and the backup SonicWALL.
Alert SonicWALL High Availability does not support dynamic IP address assignment from your ISP.
•Each SonicWALL in the High Availability pair must have the same firmware version installed.
• Each SonicWALL in the High Availability pair must have the same upgrades and subscriptions
enabled. If the backup unit does not have the same upgrades and subscriptions enabled, these
functions are not supported in the event of a failure of the primary SonicWALL.
Network Configuration for High Availability Pair
The following diagram illustrates the network configuration for a High Availability pair:
All SonicWALL ports being used must be connected together with a hub or switch. Each SonicWALL
must have a unique LAN IP Address on the same LAN subnet. If each SonicWALL has a unique WAN
IP Address for remote management, the WAN IP Addresses must be in the same subnet.
Alert The two SonicWALLs in the High Availability pair sends “heartbeats” over the LAN network
segment. The High Availability feature does not function if the LAN ports are not connected.