Hey all,
I was wondering what the best process would be to replace a failed FTD 4115 unit in a HA cluster. I am planning to undergo some firmware updates and in the event of FTD unit failure I'd like to be able to replace a failed unit with one fresh out of the box.
From what I can tell my units are in a cluster, not a HA pair as they have a "Master/Slave" status rather than "Active/Secondary"
Current thinking is:
- Connect the new FTD to the same physical network interfaces as the old
- Give the new FTD a management address which FMC can reach (I assume you can do this via console into the appliance)
- Register the new FTD with FMC and do any upgrades to match versions (FTD and FXOS)
- Integrate the new FTD with the cluster via FMC (Not 100% sure on the process for this)
- Via that integration, push the configuration of the cluster to the new unit, and traffic should flow as expected.
Does this sound correct? or am I missing an easier way of doing things like importing config backups?
I did have the idea to upgrade FTD/FXOS independently on a bench first, import the failed FTD's config, and hypothetically plug and play with the new FTD into the network but was unsure how FMC would handle that due to registration.
Cheers.