Versionen im Vergleich

Schlüssel

  • Diese Zeile wurde hinzugefügt.
  • Diese Zeile wurde entfernt.
  • Formatierung wurde geändert.

...

Info

TCP connections are tracked via Connection Tracking and are synchronized to the Slave Firewall. However UTM functions such as IDS/IPS cannot be synchronized. Thus after a roll change all existing connections, which are scanned by a UTM function, are interrupted.


Hinweis

The IP address range used for the "Cluster Interconnect" must not be used elsewhere (e.g. for the local network). Otherwise this will lead to routing problems!




Requirements:

  • LANCOM R&S®Unified Firewall with LCOS FX as of version 10.3
  • Two Unified Firewalls of the same model as of UF-200 
  • The same firmware version has to be installed on both Unified Firewalls
  • One Unified Firewall license
  • The configuration on the Master Firewall has to be complete
  • At least one free Ethernet port on both devices
  • The Gratuitous ARP of the Slave Firewall has to be transmitted by the switch in the local network
  • Web browser for configuring the Unified Firewall.

    The following browsers are supported:
    • Google Chrome
    • Chromium
    • Mozilla Firefox

...

  • Initial Role: Select the option Master.
  • HA Interface: In the dropdown-menu select a free Ethernet port  to be used for the synchronization between the two Unified Firewalls (in this example the port eth3).
  • Local IP: Assign an IP address in CIDR format (Classless Inter Domain Routing) for the Master Firewall. This IP address respectively this network must not be used elsewhere in the configuration.!
  • Remote IP: Assign an IP address from the same network as the Local IP to the Slave Firewall. IP addresses in another network cannot be used.

...