High Availability
H2A High Availability allows two systems to operate as a single virtual
firewall, ensuring that network access and security are maintained with
minimum downtime. The section allows the firewall to be configured as
one of an high availablity pair or group. The service requires no obvious
changes to your existing network, making it transparent to end-users.
H2A High Availability is an option available on some GTA firewalls and
requires a feature activation code. The H2A HIGH AVAILABILITY FEATURE
GUIDE details how to configure and utilize the option.
Enable Enable H2A. A feature code is required to use this option.
Status This field is not editable. When the system is running in the H2A mode,
the Status field will display the current H2A mode of the system: Init,
Slave or Master.
VRID* Enter a value between 0 and 15 for the VRID (Virtual Router ID), used
to uniquely identify the H2A group. All systems must have the same VRID.
Priority** Enter a priority number between 1 and 255 for the H2A system. The system
with the highest Priority and confirmed communications with its beacons
will operate in the Master mode. The system operating in Master mode will
be the operational firewall and process network traffic as the virtual
firewall. If the priority number for the systems are not set, the system
will select the Master by automatically giving one system a higher priority.
Email Notification Select to receive an email when H2A changes.
Name Enter a name for the H2A member.
See How to Change an Object Name, below.
Interface* Select the interface on which this H2A member resides using the appropriate
Interface Object. Any change to the IP address assigned to the specified
network interface on the Network Information screen will change its interface
object in the H2A configuration. Interfaces may only be used once in the
H2A screen. In GBAdmin, an H2A member that has already been selected for
one interface will not appear in the other H2A dropdown lists.
Virtual IP address Enter the Virtual IP address that will be used for a given network interface.
(This IP address is for the firewall users.) By default, the Virtual IP
address is one address higher than the network interface address referenced
by the Interface field.
Beacon IP addresses Enter up to three Beacon IP addresses. Normally, one beacon
address is the Interface (configuration) IP address on the other H2A system,
but do not make it your only beacon IP address. This can lead to improper
functioning of the H2A group.
¨ Note
High Availability is not supported in bridging mode.
Return
to Services