High availability screen
Communication between firewalls in the high availability cluster
Main link Main interface used for linking both firewalls that make up the
cluster.
Select it from the list of objects in the drop-down list.
Use a second
communication link
Select this option in order to enable the fields below it and to define a secondary link
for your cluster.
Secondary link Secondary interface used for linking both firewalls that make up the
cluster.
Select it from the list of objects in the drop-down list.
WARNING
You are advised to use a secondary link when you wish to change the interface used as
the main link. Changing the link may indeed cause interruptions to communications
between members of the cluster, which may lead to a nonoperational cluster.
Advanced properties
Modifying the pre-shared key between firewalls in a high availability cluster
New pre-shared key This field allows modifying the pre-shared key or the password defined during the
creation of the cluster.
Confirm Confirm the password/pre-shared key that you have just entered in the previous field.
Mandatory password
strength
This field indicates your password’s level of security: “Very Weak”, “Weak”, “Medium”,
“Good”or “Excellent”. You are strongly advised to use uppercase letters and special
characters.
Quality indicator
Active firewall if equal
This option allows favoring one firewall as the active firewall in the event both firewalls have the
same quality.
The aim of favoring an active firewall is to keep as many logs as possible on the same firewall or to
favor traffic on a specific firewall. If the active firewall fails, or if a cable is accidentally unplugged,
the other firewall will take over as the active firewall.
Automatic If you select this option, no priority will be assigned.
This firewall (<its serial
number >)
By selecting this option, you will set this firewall as the active firewall and the second
firewall will take over from it if it malfunctions or is unplugged.
The other firewall
(remote) (<its serial
number >)
By selecting this option, you will set this firewall as the active firewall and the second
firewall will take over from it if it malfunctions or is unplugged.
WARNING
Selecting this option will cause the firewalls to swap immediately, or switch
from this firewall as the active firewall, causing a disconnection from the
administration interface.
Optimize swap for network bridges
When surrounding appliances change from a cluster to bridge mode, the change is applied faster
with this option.
Page 151/448 sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
SNS - USER CONFIGURATION MANUAL V.3
HIGH AVAILABILITY
To Next Page
Loading...
