01-12-2021 11:23 PM
Hi ,
I'm configuring FTD HA managed by FMC.
I was confused with Monitored Interface configuration when configuring FTD HA.
I've outside interface going to router an inside interface connected to switch.
If I put standby IP address for monitored interfaces when configuring HA, how should I configure static route at the switch and router side?
What is the gateway address for router and switch? I’m pointing active unit IP address as gateway but what if active unit fails?
And I also would like to know about active and standby MAC address.
Can I add any MAC address as long as it is within MAC address format?
(for example, can I use 1111.2222.3333.4444 as active MAC and 1111.2222.3333.4455 as standby MAC?)
Thank you all!
01-12-2021 11:33 PM
Hi @SaintEvn
The active unit always uses the primary unit's IP addresses and MAC addresses.
When the active unit fails over, the standby unit assumes the IP addresses and MAC addresses of the failed unit and begins passing traffic.
Reference here
So on the router and switch define the primary IP address as the next hop.
HTH
01-12-2021 11:37 PM
So, Standby IP address are just for interface monitoring purpose and no concern with other process ?
01-12-2021 11:42 PM
Correct, it's not necessarily required but recommended.
Without a standby IP address, the active unit cannot perform network tests to check the standby interface health; it can only track the link state. You also cannot connect to the standby unit on that interface for management purposes.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide