Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 2 subscribers
  • Views 3937 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High Availability Notifiers?

Buggrit
I have a customer who has set up two units in High Availability. Is it usual to show one as being UNLINKED? 

Please see the attached scr-shot.

Unlinked.png

Thanks,

JB


This thread was automatically locked due to age.
  • 0
    One of the interfaces isn't connected.  If the Dashboard shows that the sync interface is connected, then it must be one of the others on the Slave.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Thanks Bob,

    What can be done about this? How should a proper connection be achieved? I'm asking this as I'm not on site and cannot see how the customer has set their system up. It would be great if I can get back to them with a sensible solution to the issue.

    Regards JB
  • 0
    JB, I think you can see in the High Availability log which interface/s is/are not connected.  Also, you might want to check the HA configuration to confirm that the 'Backup interface' is set to "Internal."

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    You may also see the unlinked message if an Astaro detects that the cabling is different between the nodes.

    See the attached pic which I did (poorly) in about 2 minutes.

    Edit:  I know that I messed up the coloring convention with the LAN line, just too tired to fix it.  [:)]
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • 0 in reply to Scott_Klassen
    "Happy Admin" should be holding a celebratory cigar or beer, but otherwise the diagram is good to go [:)]

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Great picture Scott [:D] - Thanks. I'll take that to our customer and see if what he has matches up. I'll report back with any results...

    JB
  • 0 in reply to Buggrit
    OK got another update on this...

    I logged in and checked a few things this morning.
    Thing 1.) As suggested, I looked at the interfaces menu & options and found that the units were using an interface as a dedicated heartbeat channel (the interface used was eth3). The eth3 interfaces were not available to be changed because they were not visible anywhere within the "general" sub-tab. presumably because they had been claimed for use by the High Availablity system already. They could only be identified through looking into the "Hardware" sub-tab within the interfaces menu. As they were not available, they could not be set  to "Internal", as suggested in a previous post.
    Thing 2.) I found that the systems seem to be attempting to create a back-up heartbeat via a network cable between the two eth3 ports.
    Thing 3.) The secondary heartbeat had not been set up, so I configured it to use the internal (LAN) interfaces.
    Thing 4.) The 2nd firewall (passive) system had not been rebooted for some time so I rebooted.

    The result of the above changes did produce a slightly different message than before. Now the second firewall no longer shows as "unlinked", but rather is now permanently indicating that it is "syncing".  Please see attached images. 

    We are getting closer, but we're not quite there yet I fear.

    Any further suggestions?
  • 0
    The interface being used by HA (default eth3) can be set at Management>>High Availability>>Configuration Tab.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • 0
    Yeah, I think he was there, Scott, as he set up the fallback heartbeat on the Internal interfaces.  JB, I bet this was the first time that syncing started, and that it was just going to take a bit to sync.  Does it still show syncing?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Thanks Bob - I'm just checking with the customer - I'll get back to you with his answer tomorrow...

    JB
Cookie Information Banner