Configuring High Availability (HA) on Sophos UTM

  1. Prerequisite
    • Minimum two nodes (two appliances Sophos UTM)
    • Maximum 10 nodes
    • Add license to the devices
    • Both UTMs appliances must same model
    • Both UTMs appliances must same version firmware or version of primary node (Master node) higher than other node (Slave node).
  2. Configure  High Availability
    • Go to Management | High Availability


    • Selects Configuration Tab
    • Set up some information follow:
      • Operation mode: select Host Standby (Active-Passive) or Cluster (Active-Active)
      • Sync NIC: select interface need connect HA port (default is interface eth3)
      • Devices Name: the name of node currently configuring
      • Devices Node ID: 1 or 2 depending on the host (they must be different)
      • Encryption key: password use to encryption, it has to match on both nodes.
      • Repeat: re-enter password encryption.
    • Click Apply



    • come back Status tab you see follow picture



    • At the moment, you will connect both devices via Cross-Cable at the Sync-Interface


    • On the Status tab, you will see synchronize processing:



    • see logging and system status SYNC between two devices





    • Synchronize process finish!



Done, Thanks you for watching!

1 Comment

  1. Hi Joe,

    I am configuring 2 Sophos UTMs for high availability, At what point did you connect the 2nd UTM to the LAN and WAN connections? Did you configure anything on the 2nd UTM or did everything configure from the primary? I’m confused as to whether the 2 UTMs will have the same hostname and same LAN IP address. Any help would be appreciated.


Leave a Reply