HA Active/passive Heartbeat sync issues.

Question

Hello Everyone, 
 We are having an issue with our HA setup and am hoping to get a bit of help regarding this.. 
 So we've had a physical firewall in for a while now and just recently it has started crashing randomly whereby we will have to hard reboot it. 
 
 Thinking HA is the way to go to solve this, we've bought new hardware and have attempted the heartbeat sync, an issue we have noticed is that the original Mac addresses for the NICs in the production UTM have synced to the new hardware thus stopping our connections from working as the new NICs have their own Mac addresses. 
 Is the solution to buy the same equipment for both units? Or is there a way we can alter the macs without the heartbeat re-syncing them. 
 
 Many Thanks as always..

Jaydeep · Accepted Answer

Hi RegencyBlue 
 You need to have the same Hardware model for the HA cluster to build. Refer to this link https://utm.trysophos.com/help/en_US/Content/master/managmt/High_Availability-Hardware_and_Software_Requirements.htm

Paul Warriner · Answer

Hello RegencyBlue, 
 https://community.sophos.com/kb/en-us/123174#Prerequisites 
 Prerequisites 
 
 Both devices in the HA cluster (i.e. Primary Device and Auxiliary Device) must be the same model and revision. 
 Both devices must be registered. 
 Both devices must have same number of interfaces. 
 Both devices must have the same firmware version installed. This includes maintenance releases and hot-fixes as well as firmware build. You can verify the firmware version using the following console command: system diagnostics show version-info 
 
 Paul