SonicWALL 5.8.1 Microscope & Magnifier User Manual


  Open as PDF
of 1490
 
High Availability
1171
SonicOS 5.8.1 Administrator Guide
ERROR – Indicates that the Backup unit has reached an error condition.
REBOOT – Indicates that the Backup unit is rebooting.
NONE – When viewed on the Backup unit, NONE indicates that HA is not enabled on
the Backup. When viewed on the Primary unit, NONE indicates that the Primary unit is
not receiving heartbeats from the Backup unit.
Active Up Time - Indicates how long the current Active firewall has been Active, since it
last became Active. This line only displays when High Availability is enabled. If failure of
the Primary SonicWALL occurs, the Backup SonicWALL assumes the Primary SonicWALL
LAN and WAN IP addresses. There are three main methods to check the status of the High
Availability Pair: the High Availability Status window, Email Alerts and View Log. These
methods are described in the following sections.
High Availability Status - One method to determine which SonicWALL is Active is to check
the High Availability Settings Status indicator on the High Availability > Settings page. If
the Primary SonicWALL is Active, the first line in the page indicates that the Primary
SonicWALL is currently Active. It is also possible to check the status of the Backup
SonicWALL by logging into the LAN IP address of the Backup SonicWALL. If the Primary
SonicWALL is operating normally, the status indicates that the Backup SonicWALL is
currently Idle. If the Backup has taken over for the Primary, the status indicates that the
Backup is currently Active. In the event of a failure in the Primary SonicWALL, you can
access the management interface of the Backup SonicWALL at the Primary SonicWALL
LAN IP address or at the Backup SonicWALL LAN IP address. When the Primary
SonicWALL restarts after a failure, it is accessible using the third IP address created during
configuration. If preempt mode is enabled, the Primary SonicWALL becomes the Active
firewall and the Backup firewall returns to Idle status.
Receiving Email Alerts About High Availability Status
If you have configured the Primary SonicWALL to send email alerts, you receive alert emails
when there is a change in the status of the High Availability Pair. For example, when the Backup
SonicWALL takes over for the Primary after a failure, an email alert is sent indicating that the
Backup has transitioned from Idle to Active. If the Primary SonicWALL subsequently resumes
operation after that failure, and Preempt Mode has been enabled, the Primary SonicWALL
takes over and another email alert is sent to the administrator indicating that the Primary has
preempted the Backup.
Viewing High Availability Events in the Log
The SonicWALL also maintains an event log that displays the High Availability events in
addition to other status messages and possible security threats. This log may be viewed in the
SonicOS management interface or it may be automatically sent to the administrator’s email
address. To view the SonicWALL log, click Log on the left navigation pane of the management
interface.
Verifying Active/Active UTM Configuration
This section describes two methods of verifying the correct configuration of Active/Active UTM,
and two “false negatives” that might give the impression that the idle unit is not contributing.
See the following:
“Comparing CPU Activity on Both Appliances” on page 1172
“Additional Parameters in TSR” on page 1173