Procedure

Create an HA pair from two standalone FDM-managed devices with the following procedure:

Procedure

Step 1

In the left pane, click Security Devices.

Step 2

Click the Devices tab to locate your device.

Step 3

Click the FTDtab and select the device you want to establish as the primary device.

Note

Security Cloud Control does not support creating an HA pair with devices configured with DHCP.

Step 4

In the Management pane, click High Availability.

Step 5

Locate the area for the secondary device and click Select Device, then choose a device from the list of eligible devices.

Step 6

Configure the Failover link.

  1. Click Physical Interfaceand select an interface from the drop-down menu.

  2. Select the appropriate IP Type.

  3. Enter the Primary IP address.

  4. Enter the Secondary IP address.

  5. Enter the Netmask. By default, this value is 24.

  6. If applicable, enter a valid IPSec Encryption Key.

Step 7

Configure the Stateful link. If you want to use the same configuration as the failover link, check the The same as Failover Link checkbox. If you want to use a different configuration, use the following procedure:

  1. Click Physical Interface and select an interface from the drop-down menu. Note that both the primary and secondary device must have the same number of physical interfaces.

  2. Select the appropriate IP Type.

  3. Enter the Primary IP address.

  4. Enter the Secondary IP address.

  5. Enter the Netmask. By default, this value is 24.

Step 8

Click Create in the upper right corner of the screen to finish the wizard. Security Cloud Control immediately redirects you to the High Availability Status page. From this page you can monitor the status of the HA creation. Note that once the HA pair is created, the Security Devices page displays the pair as a single row.

Step 9

Review and deploy the changes you made now, or wait and deploy multiple changes at once.