FortiGate High Availability (Active / Passive)
Jan22

FortiGate High Availability (Active / Passive)

KB ID 0001730 So my aim was to setup FortiGate High Availability failover in Active / Passive mode. I’m setting this up in EVE-NG and here’s what my lab looks like; Note: Im using TWO connections for Heartbeat/Failover, you can simply use one if you prefer. FortiGate High Availability (Pre-Requisites) Obviously the firewalls need to be the same! For physical firewalls that’s straightforward, but be careful if you are...

Read More
Deploy Cisco ASA 55xx in Active / Standby Failover
Nov17

Deploy Cisco ASA 55xx in Active / Standby Failover

KB ID 0000048  Problem You want to deploy 2 Cisco ASA 55xx Series firewalls in an Active/Standby failover configuration. Solution Assumptions. Hardware on both ASA firewalls is identical. The correct license’s for failover are installed on both firewalls. The same software versions are installed on both firewalls. You have your PRIMARY firewall set up and running correctly (Everything works!). In this example the firewalls were...

Read More
Juniper SRX240 – Firewall Cluster (Active / Standby)
Nov17

Juniper SRX240 – Firewall Cluster (Active / Standby)

KB ID 0000990 Problem I’ve had very little exposure to JUNOS and Juniper equipment, and later in the year I have to deploy some for a client in a failover cluster. So I had a good look round on the Internet, and found loads of good blog posts and KB articles like this one. The problem is they are all geared to setting up a cluster, they ASSUME you then know about security zones, how to add default routes, and setup NAT etc. So...

Read More
Juniper SRX – ‘The Routing Subsystem Is Not Running’
Nov17

Juniper SRX – ‘The Routing Subsystem Is Not Running’

KB ID 0001045  Problem While trying to deploy Solarwinds to monitor a Juniper SRX failover cluster, we were having no joy connecting to the management interface of the secondary/standby firewall. The management (fxp0) interface on the primary (node0) firewall we could get to OK. ] After jumping on the secondary firewall (via the console connection) we observed the following; error: the routing subsystem is not running Solution As you...

Read More
Cisco ASA 5500 Active/Standby – Zero Downtime Upgrade
Nov17

Cisco ASA 5500 Active/Standby – Zero Downtime Upgrade

KB ID 0000733 Problem You have two ASA firewalls deployed in Active/Standby failover configuration, and need to upgrade either the operating system or the ASDM. As you already have a high availability solution you do not want any downtime. Before we start, we need to make sure we know the difference between primary, secondary, active and standby. From the rear (Active=Green, Standby=Amber) The Primary and Secondary firewalls are...

Read More