• SonicOS 8
• About SonicOS
  • Working with SonicOS
  • SonicOS Workflow
  • How to Use the SonicOS Administration Guides
  • Guide Conventions
• High Availability
  • About High Availability
    • High Availability Terminology
    • High Availability Modes
    • High Availability Encryption
    • Crash Detection
    • Virtual MAC Address
    • Dynamic WAN Interfaces with PPPoE HA
    • Stateful Synchronization with DHCP
    • Stateful Synchronization with DNS Proxy
    • About HA Monitoring
  • About Active/Standby HA
    • Benefits of Active/Standby HA
    • Working of Active/Standby HA
  • About Stateful Synchronization
    • Benefits of Stateful Synchronization
    • How Does Stateful Synchronization Work?
    • Example of Stateful Synchronization
  • Active/Standby Prerequisites
    • Supported Platforms and Licensing for HA
    • Physically Connecting Your Security Appliances
  • Maintenance
    • Removing an HA Association
    • Replacing a SonicWall Security Appliance
      • Replacing an HA Primary Unit
      • Replacing an HA Secondary Unit
• High Availability Status
  • Active/Standby High Availability Status
    • High Availability Status
    • High Availability Config
    • High Availability Licenses
• Configuring High Availability
  • Configuring Active/Standby High Availability Settings
  • Configuring HA with Dynamic WAN Interfaces
• Configuring High Availability in the Cloud Platform
  • Set up an Active/Standby High Availability Configuration Using Azure
    • Install the Custom Template
    • Enable Identity of Both Virtual Machines (HA1 and HA2)
    • Role Assignment
    • Check the Networking Tab
    • Configuring Active NSv Firewall Using the Associated Public IP
    • Configuring Standby NSv Firewall Using the Associated Public IP
    • Enable the L3 Mode
    • Configuring Active NSv Firewall Using the Floating Public IP
    • Configuring HA to Active/Standby with L3 HA link
    • Adding Additional Floating Public IP
• Fine Tuning High Availability
  • Advanced Settings
  • Configuring Advanced High Availability Settings
• Monitoring High Availability
  • Configuring Active/Standby High Availability Monitoring
  • IPv6 High Availability Monitoring
  • IPv6 HA Monitoring Considerations
• Azure Use Cases
  • Use Case 1: Manage Azure HA Firewall
  • Use Case 2: Forward LAN traffic to the External Network through the Gateway after HA Failover
  • Use Case 3: Configure DNAT on Azure HA Firewall
  • Use Case 4: Configure DNAT on Azure HA Firewall (Need to move multiple floating IPs support)
• SonicWall Support
  • About This Document

High Availability Config

The High Availability Config section on the Device > High Availability > Settings page provides the following information:

• HA Mode - Indicates one of:
  • None - High Availability is not enabled on the unit.
  • Active/Standby - Active/Standby mode provides basic high availability with the configuration of two identical firewalls as a High Availability Pair. By default, Active/Standby mode is stateless, meaning that network connections and VPN tunnels must be re-established after a failover. To avoid this, Stateful Synchronization can be licensed and enabled with Active/Standby mode.
  • Active/Active DPI - Active/Active Deep Packet Inspection (DPI) mode can be used along with the Active/Standby mode. When Active/Active DPI mode is enabled, the processor intensive DPI services, such as Intrusion Prevention (IPS), Gateway Anti-Virus (GAV), and Anti-Spyware are processed on the standby unit, while other services, such as firewall, NAT, and other types of traffic are concurrently processed on the Active unit.
  • Active/Active Clustering - In this mode, multiple firewalls are grouped together as cluster nodes, with multiple Active units processing traffic (as multiple gateways), doing DPI and sharing the network load. Each cluster node consists of two units acting as a Stateful HA pair. Active/Active Clustering provides Stateful Failover support in addition to load-sharing. Optionally, each cluster node can also consist of a single unit, in which case Stateful Failover and Active/Active DPI are not available.
  • Active/Active DPI Clustering - This mode allows for the configuration of up to four HA cluster nodes for failover and load sharing, where the nodes load balance the application of DPI security services to network traffic.
• HA Control Link - Indicates the port, speed, and duplex settings of the HA control link, such as X6 1 Gbps Full Duplex. When High Availability is not enabled, the field displays not configured. The HA control link is used to communicate heartbeats and other control traffic between the units. If the HA control link fails, X0 is used to communicate heartbeats between units; therefore heartbeats on both units should be in the same broadcast domain.
• HA Data Link - Indicates the port, speed, and duplex settings of the HA data link, such as X7 1 Gbps Full Duplex. When High Availability is not enabled, the field displays not configured. The HA data link is used to transfer stateful data to keep session data synchronized between the units. The HA Data Link is not required when running in non-stateful HA.