Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall management with two XGs working in HA mode

We have 2 XGs with latest firmware which run in HA mode. I activated Central management and entered the ID of the primary XG. Both XGs were added to Sophos Central and I am able to manage the primary device. Unfortunately the auxiliary device shows up as inactive. It was active right after activating Central management. Additionally the inactive auxiliary device shows it is registered for security heartbeat. What's going wrong here? Is HA still not fully supported?



This thread was automatically locked due to age.
  • Hi Alan,

    please see below

    AlanT said:

    Unfortunately, that is correct. Full HA support in Central is not yet implemented. Right now, if both nodes are joined to Central, they will show up as two separate firewalls, and the secondary unit will always show as offline. 

     

    We are working on full support for HA, which will combine the two units together in a single row. The row will show you the status of the combined pair, and also connect into the active primary unit for SSO, when you click on the firewall name. This is a high priority, and will be one of the next features completed after group management. 

    I think some people would appreciate a helpful answer to this...

    Thank You

    Best Regards

    Bernd

  • Same problem. We have one XG330 cluster and six XG125 clusters, all of them are not shown correctly in Sophos Central. We expected this to work flawlessly. Please update us about the state of development and the planned timeline for implementing this a bit more precisely.

    Thank you in advance, Peter / Markus

  • Hello,

     

    maybe it is helpful for You to acknowledge that in v18 there is an option to switch back to primary appliance if it is back "up" again after failover...

    But if you want to administrate via central in case of failover without switchback it is no solution for you.

    Have a look at the german web frontend - there should be somthing similar in Your localized web frontend - it is the checkbox at the bottom - "Failback zur primären..."

    Best Regards

     

    Bernd

  • Hi,

    we still have this problem. Was there any solution for this or do others also have this problem still?

  • V18.0 MR3 implemented the first HA Support for Central Management. 

    https://community.sophos.com/xg-firewall/b/blog/posts/xg-firewall-v18-mr3

    __________________________________________________________________________________________________________________