Configuring High Availability (HA) on Sophos UTM

  1. Prerequisite
    • Minimum two nodes (two appliances Sophos UTM)
    • Maximum 10 nodes
    • Add license to the devices
    • Both UTMs appliances must same model
    • Both UTMs appliances must same version firmware or version of primary node (Master node) higher than other node (Slave node).
  2. ConfigureĀ  High Availability
    • Go to Management | High Availability

ha_1

    • Selects Configuration Tab
    • Set up some information follow:
      • Operation mode: select Host Standby (Active-Passive) or Cluster (Active-Active)
      • Sync NIC: select interface need connect HA port (default is interface eth3)
      • Devices Name: the name of node currently configuring
      • Devices Node ID: 1 or 2 depending on the host (they must be different)
      • Encryption key: password use to encryption, it has to match on both nodes.
      • Repeat: re-enter password encryption.
    • Click Apply

ha_a-a

 

    • come back Status tab you see follow picture

ha_3

 

    • At the moment, you will connect both devices via Cross-Cable at the Sync-Interface

IMG20150423130856

    • On the Status tab, you will see synchronize processing:

ha_syncing

 

    • see logging and system status SYNC between two devices

ha_loging

 

ha_status

 

    • Synchronize process finish!

ha_finish

 

Done, Thanks you for watching!

1 Comment

  1. Hi Joe,

    I am configuring 2 Sophos UTMs for high availability, At what point did you connect the 2nd UTM to the LAN and WAN connections? Did you configure anything on the 2nd UTM or did everything configure from the primary? I’m confused as to whether the 2 UTMs will have the same hostname and same LAN IP address. Any help would be appreciated.

    Thanks

Leave a Reply

Your email address will not be published.


*