Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Subscribers 8 subscribers
  • Views 12623 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos HA over Two Datacenter

Tobias Küchler

Hi I'm thinking for a Colocation for our Company with SAN Replication over dark fiber (L2). So my question is if it's possible to have a Sophos HA (Active / Passive) over two Datacenter so that if the Datacenter 1 is down the Sophos on Datacenter 2 switches to Master and I can run all VMs on Datacenter 2 and also all remote Offices connect automatic to this Firewall.

One of the WAN is located on the Datacenter 2 and the other in Datacenter 1. The Network would be completely transparent (Layer2 connection between both Datacenter).

The only problem I see is that also the heartbeat of the Sophos FW has to go over the dark fiber and if the connection between the Datacenter is down, both firewall are in master mode and can accept VPN, SMTP…

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    dunno about the dark fibre because I'm not really a network admin so I don't know if this is relevant but you will need jumbo packets enabled on your networks for UTM HA to work across sites

  • 0 in reply to mahaddon

    Is the Jumbo Frames requirement documented somewhere? I've not had any issues with HA connectivity through switches etc that don't have Jumbo Frames enabled.

    Have you determined what frame size is required?

    James

     

  • 0 in reply to jamesharper

    I don't think so.  Not 100% certain why we do this because I didn't set it all up.

    We have 2 datacenters, one in one city and the other in another city.  We have Hypervisor environment split across both data centers.  We have 2 UTM HA arrays both managed by a single SUM but we have to keep both HA nodes (master and slave) for each HA array in the same city datacenter becaus ewe don't enable jumbo frames across the network links.  

Reply
  • 0 in reply to jamesharper

    I don't think so.  Not 100% certain why we do this because I didn't set it all up.

    We have 2 datacenters, one in one city and the other in another city.  We have Hypervisor environment split across both data centers.  We have 2 UTM HA arrays both managed by a single SUM but we have to keep both HA nodes (master and slave) for each HA array in the same city datacenter becaus ewe don't enable jumbo frames across the network links.  

Children
No Data
Unfiltered HTML