06-05-2020 05:05 AM
Hello! Im plan break ftd ha pair, and return back in HA pair again, but im have several questions -
- how will lead secondary device (behavior traffic)
- what pitfalls can be when you return the device back
Solved! Go to Solution.
06-08-2020 10:03 AM
Hi,
As a best practice you can remove all data cables (except management and HA cables) from the secondary device.
Break the HA and then add it back and connect all the data cables.
Make sure to take screenshots of device page to capture HA configuration and standby IP addresses.
HTH
Regards,
Chakshu
Do rate helpful posts.
06-05-2020 05:35 AM
found this information might it will be helpful for you
When you break HA, the configured interfaces on the standby device are automatically disabled. The devices may experience a disruption in traffic during this process. After the HA pair is successfully removed you will be redirected from the status page to the High Availability page where you will have the option to create another HA pair with the same primary device.
Note: You cannot deploy to either of the devices until the HA pair is successfully removed.
When you break HA for a pair that is configure with management interfaces, the break may take 10 minutes or longer to complete and both devices go offline during this process. When the HA configuration is successfully removed, CDO displays both units as standalone devices in the Services & Devices page.
When you break HA for a pair that is configured with data interfaces, the break may take 20 minutes or more to complete and both of the devices go offline. you must manually reconnect the active device after the HA configuration is removed.
The standby device retains the HA configuration, though, and will become unreachable since it has the same configuration as the active device. You must manually reconfigure the IP interfaces outside of CDO, and then re-onboard the device as a standalone.
Use the following procedure to remove the HA pairing of two FTD devices:
If you break an FTD HA pair using the Firepower Device Manager (FDM) interface, the configuration status of the HA pair in CDO changes to Conflict Detected. After you break HA, you must deploy the changes to the primary device through FDM and then resolve the Conflict Detected state in CDO.
After the device is back in the Synced state, you can deploy configuration changes made in CDO to the device.
We do not recommend reverting changes from CDO after breaking HA using the FDM interface.
06-08-2020 10:03 AM
Hi,
As a best practice you can remove all data cables (except management and HA cables) from the secondary device.
Break the HA and then add it back and connect all the data cables.
Make sure to take screenshots of device page to capture HA configuration and standby IP addresses.
HTH
Regards,
Chakshu
Do rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide