Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3201
Views
0
Helpful
2
Replies

Add replacement Firepower Threat Defense to existing HA cluster

donnie
Level 1
Level 1

‎04-22-2020 07:36 AM

Hi all,

 

Due to faulty fiber interfaces on my secondary firepower unit, i will be getting a replacement FTD 2130.

How do i get this replacement to replace the secondary unit of an existing HA cluster? Do i have to break the HA?

Any production impact in breaking the HA?

 

If i re-use my existing SSD (running version 6.2.3) in the new replacement unit, does it mean that after i power up my secondary unit, the HA will sync up and work as per normal? Please advise.

 

TIA!

 

0 Helpful
2 Replies 2

Francesco Molino
VIP Alumni
VIP Alumni

‎04-22-2020 07:54 PM

Hi

As the standby device will be down/removed, you can broke the ha pair to rebuild it. No impact on production:
https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212699-configure-ftd-high-availability-on-firep.html#anc9

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Peter Koltl
Level 7
Level 7

‎05-01-2022 11:27 PM

Francesco's article is not exactly about replacing a HA member.
I followed this procedure:     Replace a Secondary FTD HA Unit with no Backup

  • Force Break HA
  • delete secondary from FMC
  • register new secondary to FMC

  • Configure high availability, using the existing primary/active unit as the primary device and the replacement device as
    the secondary/standby device during registration

  • Add HA

  • Add Primary and secondary

  • configure standby IP addresses

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card