170
active-passive or legacy).
Management Access IP Addresses
For each interface you can configure an IP address in the same subnet as the interface IP address to
use to manage the USG whether it is the master or the backup.
Synchronization
Synchronize USGs of the same model and firmware version to copy the master USG’s configuration,
signatures (anti-virus, IDP/application patrol, and system protect), and certificates to the backup
USG so you do not need to do it manually.
4.4.1 Active-Passive Mode Device HA
Example
Here active-passive mode device HA has backup USG B automatically takes over all of master
USG A’s functions if A fails or loses its LAN or WAN connection.
An Ethernet switch connects both USGs’ LAN interfaces to the LAN. Whichever USG is functioning as
the master uses the default gateway IP address of the LAN computers (192.168.1.1) for its LAN
interface and the static public IP address (1.1.1.1) for its WAN interface. If USG A recovers (has both
its LAN and WAN interfaces connected), it resumes its role as the master and takes over all of its
functions again.
Figure 43 Device HA: Master Fails and Backup Takes Over
Each USG’s LAN interface also has a separate management IP address that stays the same whether
the USG functions as the master or a backup. USG A’s management IP address is
192.168.1.3 and USG B’s is 192.168.1.5.
Figure 44 Device HA: Management IP Addresses
4.4.2 Before You Start
USG A should already be configured. You will use device HA to copy USG A’s settings to B later. To
To Next Page
Loading...
