ha active-passive : change wan physical port from 1G to 10G

Hello Ladislav,

Thank you for contacting the Sophos Community!

You would need to break HA, install the new module on the Slave device, then bring down the Master device, install the module, bring the device up, and reconfigure HA.

Regards,

hello. I already have the module installed. I'm talking about the smoothest possible reconfiguration - is it still necessary to reset all WAN rules? Also perform with HA disabled?

Hello Ladislav,

Thank you for the follow-up!

So if you already installed the module and the XGs are running in HA, you can update the WAN rules without any downtime, any change done in the Master device will get replicated to the Slave.

Regards,

Thank you.

What is the rirght sequence ? I tried to connect an optical cable to Disabled - unconfigured interface and the HA cluster switched  ? for inconsistence?.

Configure the interface  first and than connect cables ? Configure new LAG above bouth interfaces?

And is it still necessary to update all WAN rules ?

I am sorry I am asking, but I cannot do experiments on runnig devices.

Hello Ladislav,

Sorry, I am not understanding, what are you trying to do. Are you trying to add a LAG interface?

It would depend on which Ports are you monitoring.

I am not sure about which WAN rules you are referring to, but if the device is in HA, any changes in the Firewall rules will replicate.

In any case I would recommend you to schedule some downtime, as you are introducing new interfaces.

Regards,

Hello Ladislav,

Sorry, I am not understanding, what are you trying to do. Are you trying to add a LAG interface?

It would depend on which Ports are you monitoring.

I am not sure about which WAN rules you are referring to, but if the device is in HA, any changes in the Firewall rules will replicate.

In any case I would recommend you to schedule some downtime, as you are introducing new interfaces.

Regards,