Setup Firewall Cluster Failover(HA) with 5 minutes
II/INSTALL
Step 1:You setup 2 firewall with info
firewall 1(MASTER): LAN:172.16.1.1 SYNC:192.168.188.1(cable Cross) WAN
firewall 2(SLAVE): LAN:172.16.1.2 SYNC:192.168.188.2(Cable Cross) WAN
Step 2 :Create virtual IP in fw1 and fw 2(Firewall > Virtual IP)
Step 3: config sync for fw (rule,Nat ......)In Master (Firewall > Virtual IP go to tab CARP Settings)
+check all box
+Synchronize Interface:SYNC
+Synchronize to IP:192.168.188.2
+Remote System Password:your password access admin pfsense
In SLAVE(Firewall > Virtual IP go to tab CARP Settings)
+only check Synchronize Enabled
+Synchronize Interface:SYNC
Step 4: don't forget add rule in interface SYNC for master connect to SLAVE and SLAVE connect to MASTER
Step 5 :Check status In MASTER and SLAVE
Step 6:Test create rule in MASTER it Auto update to SLAVE
Step 7 :Test Connection shutdown MASTER.SLAVE to MASTER (it will delay 1 ms)
No comments:
Post a Comment