We're trying to set up a High availability environment (active-passive) using this documentation: https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/HighAvailablityStartupGuide/HAConfiguration/HAQuickHAConfigureActivePassive/index.html
Both Firewalls are on Firmware SFOS 19.0.1 MR-1-Build365.Both Firewalls have the same Passphrase for HA.The HA-Ports are configured as DMZ and they're in the same Subnet (but with different IPs).The HA-Port is the same on both Firewalls.After initiating the HA, the primary device always just shows that he's trying to connect to the auxilary device, but nothing more happens (we've waited for at least 10 minutes).
On the auxilary device in the admin log, we can see the message:User 'hauser' failed to login from 'IP of the primary device' using ssh because of wrong credentials
So we changed the Passphrase, but that didn't change anything.The admin log still shows the failed log in from hauser.
What else can we check to be sure that hauser have the correct credentials?
Hello rexer ,Thank you for reaching out to the community, can you check the prerequisites for HA here - https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/HighAvailablityStartupGuide/AboutHA/HAPrerequisitesStartupGuide/index.htmlAnd then try to Configure active-passive HA using interactive mode instead of Quick HA mode - https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/HighAvailablityStartupGuide/HAConfiguration/HAInteractiveConfigureActivePassive/index.html
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.
Hi Vivek Jagad
Thank you.The second box was not registered, i think that was the problem.
After registering the second box, we tried with interactive Mode and everithing worked fine.