sonicwall nsa2400 active/passive failover

hey guys,

we have one current sonicwall nsa 2400 firewall thats running. I have a second nsa 2400 i'd like to add now and configure it as the passive firewall. Can someone walk me through?

Who is Participating?
I assume you mean HA. Look at the following...
Cobra25Author Commented:
Let me look into..
Feroz AhmedSenior Network EngineerCommented:

It is a lengthy process and you have to do all the configurations on ASA firewall and then need to enable Failover on firewall and need to configure Failover .The cconfiguration should be as follows :

Inside Network

ASA#config t
ASA(Config-t)#inside network
ASA(Config-t)#nameif inside
ASA(config-t)#Security-level 100 (As it is inside network by default)

Outside Network
ASA#config t
ASA(Config-t)#outside network
ASA(Config-t)#nameif outside
ASA(config-t)#Security-level 0(As it is outside network by default)

If there is any DMZ network then as below :

ASA#config t
ASA(Config-t)#DMZ network
ASA(Config-t)#nameif DMZ
ASA(config-t)#Security-level 50 (As it is DMZ network by default)

Once the above configuration is done one has to define Access-list to communicate inside network with outside network and viceversa.Once done with Interface configuration .One has to configure Failover on ASA Firewall first enable Failover and one should configure Failover in 2 states Active and Passive .
Check with below command whether the failover was successfull by typing the command :

sh failover status it will show as active and standby no configured .

Now goto another ASA and repeat the same above steps and once the Failover is configured then a message will be sent to ASA1 from ASA2 failover successfull once you see this message you can confirm the Failover was Successfully configured on ASA1 and ASA2 and it shows the status as Failover in Active state on both the ASA1 and ASA2 and Standby waiting.

You can try the above steps for configuring Failover on ASA i have just given a rough idea on how to configure Failover on ASA you are supposed to enter IP Address and then need to update the configuration on ASA.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.