Manualshelf

R3721-F3210-F3171-HP High-End Firewalls High Availability Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
51525354555657585960
51
Configuring stateful failover
NOTE:
The stateful failover configuration is available only in the web interface.
Overview
Introduction to stateful failover
Some customers require the key entries or access points of their networks, such as the Internet access
point of an enterprise or a database server of a bank, to be highly reliable to ensure continuous data
transmission. Deploying only one device (even with high reliability) in such a network risks a single point
of failure and therefore cannot meet the requirement, as shown in Figure 27.
Figure 27 Network with one device deployed
The stateful failover feature was introduced to meet the requirement. Stateful failover backs up services
such as NAT, ALG, blacklist, load balancing, and ASPF, and synchronizes configurations between two
devices. In Figure 28, t
wo devices that are enabled with stateful failover are deployed in the network.
Each device has a failover interface. The failover interfaces are connected over the failover link.
NOTE:
The failover link transmits only state negotiation messages and backup data.