This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Replacing faulty SG210 in HA setup

Hi,

I have a set of SG210 running UTM 9.510-5 firmware with active subscription.

Recently 1 of the SG210 had problem and we RMA the unit, a replacement unit was sent to us, but with a higher firmware version (9.705). I checked the Sophos UTM download page and seems UTM 9.510-5 is no longer available for download any more.

May I know what is the correct procedure to join the replacement unit back to the HA cluster?

1. Backup config file from existing working SG210
2. Go to MyUTM, license for the old faulty unit and change the serial number to the new unit
3. Go to High Availability setting in the existing working SG210 and change the operation mode to Off
4. Upgrade existing SG210 to same firmware as the replacement unit (downtime expected)
5. Connect the HA ports for both units
6. Configure HA setting at existing unit
7. Connect the WAN and LAN port of replacement unit

Is the above steps correct?

Thanks.

Patrick.

This thread was automatically locked due to age.

Top Replies

PatrickLaw 7 months ago +1

Hi guys,

Was thinking of doing the following steps:

1. Load UTM 9.510-5 to replacement unit (sent email to Sophos support to request for ISO)
2. Backup config from working unit and load to replacement …

Parents

0 BAlfson 7 months ago
Hi Patrick and welcome to the UTM Community!

The solutions proposed by Thom and Dirk are your choices. Since your current firewall is running an ancient version, I bet Up2Dating it would cause a lockup with an out-of-space message. I would use Thom's approach with two additions:

First, do a quick install on the new device so that you can Up2Date it to 9.707. Do a Factory Reset and then do Thom's first two steps.

Continue once you're comfortable that all is well with the new device in place.

Instead of Up2Dating the current device, re-image it with the 9.707 ISO. After you've re-imaged it, power it down, connect all the Ethernet cables for HA and power it up.

Cheers - Bob

PS You can come to the Community to see if an Up2Date can be trusted. You're more secure to be running the newest, trusted version.
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson 7 months ago
Hi Patrick and welcome to the UTM Community!

The solutions proposed by Thom and Dirk are your choices. Since your current firewall is running an ancient version, I bet Up2Dating it would cause a lockup with an out-of-space message. I would use Thom's approach with two additions:

First, do a quick install on the new device so that you can Up2Date it to 9.707. Do a Factory Reset and then do Thom's first two steps.

Continue once you're comfortable that all is well with the new device in place.

Instead of Up2Dating the current device, re-image it with the 9.707 ISO. After you've re-imaged it, power it down, connect all the Ethernet cables for HA and power it up.

Cheers - Bob

PS You can come to the Community to see if an Up2Date can be trusted. You're more secure to be running the newest, trusted version.
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data