Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
High Availability - HA Heartbeat Backup
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- Collaboration
- Tools
- Best Practice Assessment
- Best Practice Assessment Device
- High Availability - HA Heartbeat Backup
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Email to a Friend
- Printer Friendly Page
- Report This Content
DawgsFan
L4 Transporter
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
on 07-13-2020 12:57 PM
0% helpful
(0/1)
High Availability - HA Heartbeat Backup
If HA1 and HA1-backup are configured with data plane ports then Heartbeat backup is needed. If Management port is used as HA1 bkup then Heartbeat backup is not needed.
Rate this article:
Comments
ChrisSutton
L0 Member
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Email to a Friend
- Report This Content
06-07-2021
03:24 PM
Why, though? What's the reason that using management ports for a Control Link makes Heartbeat Backup not needed, or put another way, why does not using a management ports for a Control Link make Heartbeat Backup advantageous or necessary?
almargaris
L2 Linker
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Email to a Friend
- Report This Content
06-15-2021
07:02 AM
@ChrisSutton Great question Chris.
The reason for this is in the event the interface used for HA1 goes down there's an alternate interface (management backup) to send heartbeats and keep HA stable. Think of the scenario where you have a layer 2 switch connected in between two active/passive members and the switch loses power, HA1 would go down and you would have a split brain scenario for HA.
In summary, it's for increasing HA stability depending on how your network is setup.
Please feel free to read more about it on the High Availability documentation.
JoeKwok
L1 Bithead
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Email to a Friend
- Report This Content
11-23-2021
05:21 AM
What is the result if Heartbeat Backup is enabled AND Management port is used as HA1 backup?
AyrtonCJR
L0 Member
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Email to a Friend
- Report This Content
04-12-2022
11:48 AM
Does anyone know if I am able to see the same status information I see on the HA Widget for the 'Heartbeat backup' up or down, via the cli as a show HA .... ... status command of some sort? I am not finding it via # show high-availability all or # show high-availability state.
I need to be able to find this information in a large batch of firewalls for an audit. Thanks.
Labels
-
Accelerated Aging
1 -
admin roles
1 -
Antivirus Content Update
1 -
API Key Lifetime
1 -
App ID Inspection Queue
1 -
Apps Threats Content Update
1 -
Authentication Profile
1 -
Authentication Sequence
1 -
automatically acquire commit lock
1 -
Backup Peer HA1 IP Address
1 -
Best Practice
1 -
Best Practice Assessment
93 -
BPA
1 -
Captive Portal Enabled
1 -
Captive Portal Session Cookie
1 -
Certificate Expiration Check
1 -
Clientless VPN
1 -
Configuration Sync
1 -
Connection Security
1 -
Content-ID
3 -
Critical System Logs
1 -
Custom Groups
1 -
decrypted content
1 -
Device
94 -
Dynamic Updates
1 -
Dynamic Updates - Antivirus
1 -
Failed Attempts
1 -
File Size Limit
6 -
FQDN Refresh Time
1 -
GlobalProtect
1 -
GP Gateway License
1 -
Grayware
1 -
Group Mapping Included Groups
1 -
HA Heartbeat Backup
1 -
HA Timer
1 -
HA2 Keep Alive
1 -
HA2 Session Synchronization
1 -
High Availability - Path Monitoring
1 -
High Availability Link Monitoring
1 -
High Availability Notes Preemptive
1 -
High DP
1 -
Hostname
1 -
HTTP Partial Response
1 -
Idle Time
1 -
Included Networks
1 -
LDAP profile
2 -
LDAP Server Redundancy
1 -
Lockout Time
1 -
log retention period
1 -
Log Settings
1 -
Login Banner
1 -
Network connectivity
1 -
New App ID Threshold
1 -
NTP Server Address
1 -
NTP Server Authentication Types
1 -
PAN-DB URL License
1 -
Passive link
1 -
permitted ip addresses
1 -
Policy Hit Count
1 -
predefined reports
1 -
Radius Authentication Method
1 -
Rematch Sessions
1 -
Server Monitoring
1 -
Server Monitoring Protocol
1 -
ServerMonitorFrequency
1 -
session
1 -
Session Packet
1 -
Session Synchronization
1 -
Session Timeout
1 -
Severity Critical
1 -
Severity High
1 -
Severity Informational
1 -
Severity Low
1 -
severity medium
1 -
snmp
2 -
Support License
1 -
Syslog Server Profile
1 -
TACACS Authentication
1 -
TCP
1 -
Telemetry
1 -
Threat Prevention License
1 -
User ID Probing
1 -
User ID Timeout
2 -
Verify Server Update Identity
1 -
Wildfire License
1
- Previous
- Next
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks
