09-08-2020 09:28 AM
Hello,
is it possible to connect a new FTD to join as HA pair with a productive FTD? As far as I have seen for HA pair the both FTD should have no interface configuration before HA configuration.
regards
Saimun
Solved! Go to Solution.
09-08-2020 05:05 PM
You just need to run the wizard on the FMC saying the you adding an HA pair, and you need to select which is the primary and secondary nodes. The secondary node only need to have the managed interface up and reachable from the FMC. After you select both nodes, FMC will convert the two firewalls in a HA pair.
Expect some service disruption while you doing this.
09-08-2020 11:04 AM
Hi,
No you don't need to have both FTD's without configuration. When you create the HA pair, select the existing production FTD as the Active unit and the new FTD as the secondary. The existing configuration from the production FTD will be used for the HA configuration.
HTH
09-08-2020 03:31 PM
I can attest to what Rob says. I had a single FP 2110 with a full config that was in production for two months before adding another for HA. I had no issue what so ever.
09-08-2020 03:53 PM - edited 09-08-2020 03:53 PM
Required basic configuration done on the new FTD before joining to HA (physical connection to be ready)
Good document :
09-08-2020 05:05 PM
You just need to run the wizard on the FMC saying the you adding an HA pair, and you need to select which is the primary and secondary nodes. The secondary node only need to have the managed interface up and reachable from the FMC. After you select both nodes, FMC will convert the two firewalls in a HA pair.
Expect some service disruption while you doing this.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide