Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 3 answers
  • Subscribers 42 subscribers
  • Views 1881 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Home VMware Active-Passive question

Craig Glaser

So I've decided to try and set up a second firewall in my home VMWare cluster as a passive device, and as far as I can tell they are both set up correctly (see image below).  However, when I go into VMWare and disconnect the WAN link from the active firewall, nothing happens, other than I lose my internet connection.  On doing some research I did see that the 'Link Monitoring' is not supported for virtual devices, so does that mean under VMWare Active-passive is really only meant for VM failure or host failure? 



This thread was automatically locked due to age.
Parents
  • 0

    While I appreciate the answers, none of them are addressing my actual question.  HA Active/Passive IS WORKING.  In the sense that if I shutdown the active VM FW, the passive VM FW correctly takes over and my internet goes down for about 4 seconds before coming back up on the passive VM.  

    However, it seems that this configuration ONLY fails over in the case of a VM failure (the active VM is shutdown or fails) or on a host failure (where the Host the active VM runs under fails).  My question was 'Is it possible for virtualized Active/Passive HA VMs to do link monitoring so that it will fail over if the WAN Uplink to the active fails?  Or is Active/Passive HA in a VM environment limited to ONLY protecting against full VM or host failures?

  • 0 in reply to Craig Glaser

    SFOS checks the Link for failing (HA Monitoring Links) - But in a virtual setup, most likely those links will never fail in a sense, as the hypervisor will keep them alive. 

    __________________________________________________________________________________________________________________

Reply
  • 0 in reply to Craig Glaser

    SFOS checks the Link for failing (HA Monitoring Links) - But in a virtual setup, most likely those links will never fail in a sense, as the hypervisor will keep them alive. 

    __________________________________________________________________________________________________________________

Children
No Data
Unfiltered HTML