Redundant internet for HA firewall

Hello John245 ,

Thank you for reaching out to the community, you can refer the HA architecture and design here - https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/HighAvailablityStartupGuide/AboutHA/HAArchitecture/index.html

And about HA requirements, prerequisites here -  https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/HighAvailablityStartupGuide/AboutHA/index.html

Vivek Jagad Thanks, but HA is already set-up and working. The question is about the addition of redundant internet to the HA cluster. Is this the smartest way to do this and/or are addition components/cables required?

---

John

We don't recommend monitoring the WAN link in HA, because HA is designed to failover if any of the ports fluctuate in the monitoring Ports section. A failure of the ISP will result in an unnecessary failover, since traffic can be switched from one ISP to another in the same appliance under the WAN link manager.

We don't recommend monitoring the WAN link in HA, because HA is designed to failover if any of the ports fluctuate in the monitoring Ports section. A failure of the ISP will result in an unnecessary failover, since traffic can be switched from one ISP to another in the same appliance under the WAN link manager.