01-31-2015 04:22 AM - edited 03-11-2019 10:25 PM
Hello All,
Looking for some advice.
I'm looking to upgrade 2 5520's That were an active/standby failover pair until a recent SSL license application caused a mismatch.
The devices are currently running 8.0, i would like to upgrade them to in order 8.4 to reinstate failover.
Both firewalls are currently set to 'no failover' with the standby firewall showing as 'Failover off (pseudo-standby)' if i enter the 'show failover' command. The configuration is also now out of sync between the two firewalls due to changes that have been made since applying the license.
My question is what is the best way to go about upgrading these devices and reinstating failover with as little downtime as possible?
Also, will reloading the standby firewall in its current state (pseudo-standby) cause it to become active?
Any advice would be greatly appreciated :).
02-03-2015 12:08 AM
Hello
As they are not not synchronized, having a zero down time will not be valid here. Unless you apply the whole configuration manually to the standby.
you need to upgrade the active first and then the standby (shutdown the failover links until you have both 8.4) then you enable failover, the primary will be active.
Keep in mind that reloading the pseudo-standby will make it active.
regards,
Tariq
02-03-2015 12:43 AM
Hi Tariq,
Thanks for the response.
Having downtime is not an issue so no worries about that.
If i shutdown the failover links, will the secondary remain in 'pseudo-standby'?
Finally, if i enable failover on the primary following the upgrade and reload the secondary after updating its 'boot system' file, is it possible for it to detect the primary upon reloading and take its place as 'standby'?
You're help is greatly appreciated with this.
regards,
Ricky
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide