Clustering
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
1 hour 35 minutes
Difficulty
Intermediate
CEU/CPE
2
Video Transcription
00:03
>> This module, we will cover
00:03
high-availability clustering process.
00:03
Whenever you do upgrades,
00:03
you need to upgrade each cluster member individually.
00:03
Preferably, you start to get the standby member first.
00:03
[MUSIC] After the upgrade,
00:03
the appliance automatically reboots.
00:03
Only Manual upgrade is supported on these SMB devices.
00:03
V-MAC can be configured on SMB,
00:03
it minimizes the potential traffic outage
00:03
during a fail-over.
00:03
It also removes the need to use G-ARP.
00:03
IPV6 addresses are currently not supported,
00:03
high availability cluster only
00:03
supports IPV6 in dual mode.
00:03
To manually upgrade the cluster,
00:03
you go to Device,
00:03
then System Operations,
00:03
click "Manual upgrade",
00:03
the upgrade software wizard opens
00:03
and you would follow those instructions.
00:03
Now let's see how we can set up our own cluster.
00:03
I have two SMB appliances. This is one.
00:03
I've configured the IP addresses,
00:03
so they'll have different IP addresses.
00:03
We'll go here to a local network.
00:03
I can see that I have different IPs.
00:03
That one, this is SMB 2.
00:03
We'll go to Device local network,
00:03
I have a different IP address.
00:03
So each SMB got four interfaces,
00:03
one for DMZ, LAN 1,
00:03
LAN 2, and of course the WAN adapter.
00:03
It's very simple, let's begin.
00:03
I'm going to start with the first member.
00:03
I'm going to make it the primary member.
00:03
I need to go to Device and
00:03
>> high availability right here.
00:03
>> Let's start configuring the cluster.
00:03
Hit this, configure this as the primary server.
00:03
Next, a SEC password,
00:03
I'm going to go ahead and type something.
00:03
Now, I'm going to hit the advanced option.
00:03
The SEC interface is going to be LAN 2.
00:03
I left it blank,
00:03
especially for that reason,
00:03
I want it to be used for synchronization.
00:03
I'm going to use the IP address is going to
00:03
suggest the sub-net,
00:03
and it also suggests
00:03
the second IP address for the standby member.
00:03
I'm going to stick with that as well. Hit "Next".
00:03
It recognized that I have the DMZ interface,
00:03
so it asked me what's going to be
00:03
the cluster IP address over there.
00:03
I'm going to go ahead and configure
00:03
the cluster IP address,
00:03
the virtual IP as.4,
00:03
the primary physical address
00:03
>> is going to be 192.168.201.
00:03
>> That's the physical IP address of
00:03
that member and the secondary member,
00:03
the physical IP address on
00:03
that specific interface to the DMZ 1.
00:03
[MUSIC] That's one.
00:03
DHCP interface,
00:03
so since I have dynamic IP addresses,
00:03
I can not set up a cluster over there,
00:03
so I'm going to skip that.
00:03
I need to configure the LAN 1 adapter.
00:03
Same as before, I'm going to use.4 as
00:03
the virtual IP and.1
00:03
as the physical address that I'm really using.
00:03
Press "Finish". This may take few minutes.
00:03
Now, during this configuration,
00:03
I'm going to go ahead and say something.
00:03
That was the hard part,
00:03
because we've just set up everything.
00:03
The next thing we'll need to do,
00:03
we need to go to the standby member and simply
00:03
join this active cluster.
00:03
Now we go so we have the cluster,
00:03
but currently we don't have up here gateway yet.
00:03
We can see all of the IP addresses,
00:03
the virtual IP addresses,
00:03
the physical IP addresses.
00:03
Now let's go ahead and add the second member.
00:03
Once again, I want you to
00:03
>> see how easy it's going to be.
00:03
>> I'm in Device, high availability,
00:03
configuring cluster,
00:03
and this is going to be the secondary member.
00:03
The password, the SEC interface.
00:03
Now notice it recognized LAN 2,
00:03
that's the IP Address,
00:03
that's the IP address of the first member, so I'm good.
00:03
I'm going to go ahead select "Established Trust".
00:03
Good, press "Finish".
00:03
Appliance is now configured
00:03
as a secondary cluster member.
00:03
Now what's going to happen now
00:03
is the menu that we have here on
00:03
the left will disappear because
00:03
>> it's no longer relevant.
00:03
>> Why? Because this is not the active member.
00:03
So you shouldn't go ahead and configure
00:03
access policy or VPN because well,
00:03
this is the standby member.
00:03
The only time it will come back is
00:03
if the other member will go
00:03
down and this will become the active member.
00:03
[MUSIC] There we go,
00:03
gateway become an inactive cluster member.
00:03
Good, that's what I wanted.
00:03
Look, we have a cluster.
00:03
This gateway is active,
00:03
peer gateway is standby and it will go to this member,
00:03
you see all of the options have disappeared.
00:03
Why? Because this is the standby member.
00:03
Really cool, and really simple.
00:03
That concludes the clustering module.
00:03
[MUSIC]
Up Next
Instructed By
Similar Content
