- Prerequisite
- Minimum two nodes (two appliances Sophos UTM)
- Maximum 10 nodes
- Add license to the devices
- Both UTMs appliances must same model
- Both UTMs appliances must same version firmware or version of primary node (Master node) higher than other node (Slave node).
- ConfigureĀ High Availability
- Go to Management | High Availability
- Selects Configuration Tab
- Set up some information follow:
- Operation mode: select Host Standby (Active-Passive) or Cluster (Active-Active)
- Sync NIC: select interface need connect HA port (default is interface eth3)
- Devices Name: the name of node currently configuring
- Devices Node ID: 1 or 2 depending on the host (they must be different)
- Encryption key: password use to encryption, it has to match on both nodes.
- Repeat: re-enter password encryption.
- Click Apply
- come back Status tab you see follow picture
- At the moment, you will connect both devices via Cross-Cable at the Sync-Interface
- On the Status tab, you will see synchronize processing:
- see logging and system status SYNC between two devices
- Synchronize process finish!
Done, Thanks you for watching!
Hi Joe,
I am configuring 2 Sophos UTMs for high availability, At what point did you connect the 2nd UTM to the LAN and WAN connections? Did you configure anything on the 2nd UTM or did everything configure from the primary? I’m confused as to whether the 2 UTMs will have the same hostname and same LAN IP address. Any help would be appreciated.
Thanks
The manual configuration of an Active/Passive HA is simple. However, it gives you some more options
like which LAN port to use for synchronization, device names, node IDs and encryption key.
Once this data is entered on the first node you only need to connect the slave node to the master node and
either take the same configuration steps as for the first node or use the automatic configuration feature to add
the second node automatically.
https://www.sophos.com/en-us/medialibrary/PDFs/documentation/asg_8_HA_deployment_geng.pdf