sonicwall nsa2400 active/passive failover

hey guys,

we have one current sonicwall nsa 2400 firewall thats running. I have a second nsa 2400 i'd like to add now and configure it as the passive firewall. Can someone walk me through?

Thanks!
LVL 4
Cobra25Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

carlmdCommented:
I assume you mean HA. Look at the following...

https://support.software.dell.com/kb/sw6234
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cobra25Author Commented:
Let me look into..
0
Feroz AhmedSenior Network EngineerCommented:
Hi,

It is a lengthy process and you have to do all the configurations on ASA firewall and then need to enable Failover on firewall and need to configure Failover .The cconfiguration should be as follows :

Inside Network

ASA#config t
ASA(Config-t)#inside network
ASA(Config-t)#nameif inside
ASA(config-t)#Security-level 100 (As it is inside network by default)

Outside Network
ASA#config t
ASA(Config-t)#outside network
ASA(Config-t)#nameif outside
ASA(config-t)#Security-level 0(As it is outside network by default)

If there is any DMZ network then as below :

ASA#config t
ASA(Config-t)#DMZ network
ASA(Config-t)#nameif DMZ
ASA(config-t)#Security-level 50 (As it is DMZ network by default)

Once the above configuration is done one has to define Access-list to communicate inside network with outside network and viceversa.Once done with Interface configuration .One has to configure Failover on ASA Firewall first enable Failover and one should configure Failover in 2 states Active and Passive .
Check with below command whether the failover was successfull by typing the command :

sh failover status it will show as active and standby no configured .

Now goto another ASA and repeat the same above steps and once the Failover is configured then a message will be sent to ASA1 from ASA2 failover successfull once you see this message you can confirm the Failover was Successfully configured on ASA1 and ASA2 and it shows the status as Failover in Active state on both the ASA1 and ASA2 and Standby waiting.

You can try the above steps for configuring Failover on ASA i have just given a rough idea on how to configure Failover on ASA you are supposed to enter IP Address and then need to update the configuration on ASA.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.