SonicWALL NSA 5000 Home Security System User Manual


 
SonicWALL NSA 5000/4500/3500 Getting Started Guide Page 29
Configuring High Availability
The first task in setting up HA after initial setup is configuring the
High Availability > Settings page on the Primary SonicWALL
security appliance. Once you configure HA on the Primary
SonicWALL security appliance, it communicates the settings to
the Backup SonicWALL security appliance.
To configure HA on the Primary SonicWALL, perform the
following steps:
1. Navigate to the High Availability > Settings page.
2. Select the Enable High Availability checkbox.
3. Under SonicWALL Address Settings, type in the serial
number for the Backup SonicWALL appliance.
You can find the serial number on the back of the
SonicWALL security appliance, or in the System > Status
screen of the backup unit. The serial number for the
Primary SonicWALL is automatically populated.
4. Click Apply to retain these settings.
Configuring Advanced HA Settings
1. Navigate to the High Availability > Advanced page.
2. To configure Stateful HA, select Enable Stateful
Synchronization. A dialog box is displayed with
recommended settings for the Heartbeat Interval and
Probe Interval fields. The settings it shows are minimum
recommended values. Lower values may cause
unnecessary failovers, especially when the SonicWALL is
under a heavy load. You can use higher values if your
SonicWALL handles a lot of network traffic. Click OK.
Tip: Preempt mode is automatically disabled after enabling
Stateful Synchronization. This is because preempt
mode can be over-aggressive about failing over to the
backup appliance. For example if both devices are idle,
preempt mode may prompt a failover.
3. To backup the firmware and settings when you upgrade the
firmware version, select Generate/Overwrite Backup
Firmware and Settings When Upgrading Firmware.
4. Select the Enable Virtual MAC checkbox. Virtual MAC
allows the Primary and Backup appliances to share a
single MAC address. This greatly simplifies the process of
updating network ARP tables and caches when a failover
occurs. Only the WAN switch that the two appliances are
connected to needs to be notified. All outside devices will
continue to route to the single shared MAC address.