Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices High Availability Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
61626364656667686970
56
Item Descri
p
tion
Backup VLAN
Specify the backup VLAN.
Backup VLAN is specific to stateful failover. After you specify a backup VLAN,
each device sends stateful failover packets carrying the backup VLAN tag and
judges whether a packet is a stateful over packet based on the backup VLAN tag.
IMPORTANT:
HP does not recommend that you configure other services for the backup VLAN;
otherwise, the operation of stateful failover may be affected.
Manual Synchronization
Click the Manual Synchronization button to synchronize all configurations from
the active device to the standby device.
If the current stateful failover state is synchronization, you can select the manual
synchronization method.
Current Status
Current stateful failover state of the device:
SilenceThe device has just started, or is transiting from synchronization state
to independence state.
IndependenceThe silence timer has expired, but no failover link is
established.
SynchronizationThe device has completed state negotiation with the other
device and is ready for data backup.
Current Configuration
Synchronization Status
Displays the current configuration synchronization state, including:
A configuration conflict occursBoth devices are active or standby devices.
Waiting for the synchronization status.
Preparing for synchronization.
Synchronizing all configurations.
Synchronizes configurations automaticallyThe synchronization of all
configurations has completed. Configuration updates on the active device will
be automatically synchronized to the standby device.
Auto synchronization is not performedBecause auto synchronization is not
specified, configuration updates on the active device will not be automatically
synchronized to the standby device.
107BStateful failover configuration example
279BNetwork requirements
Firewall A and Firewall B are deployed for stateful failover in an enterprise network to provide Internet
access. They both run NAT to provide IP address translation.
Configure the firewalls to back up each other, so that when one firewall fails, the other firewall takes
over the services to ensure service continuity.
Enable automatic configuration synchronization from Firewall A (active firewall) to Firewall B
(standby firewall).