08-05-2020 01:52 AM
We are going to configure Active-Passive HA for PA3250. Primary and secondary device both at different locations , distance - 25 Kilometer.
Location A ( Primary FW) --- L2 switch -------------P2P link 60 Mbps-------------------------L2 Switch -------Location B ( Secondary FW)
For above scenario , can we use common P2P link for HA1 and HA2 ? We will use non-overlapping subnet for HA1 and HA2 connectivity .
Which HA timer setting need to check for heartbeat and ping ? How we can check ms or ping response between primary and secondary firewall for HA1 and HA2 interface?
08-05-2020 02:17 PM
I would really caution against doing this over a P2P link, which I assume would be wireless? The chance that something would take down that link and leave you in a split-brain scenario would be much too high for my liking. That being said, it would absolutely work from a functional aspect.
This document will give you everything you could possibly want about failover optimizations, but the piece you'll want to look at is the HA Timer Configuration Considerations. Note, while this document is older, everything on it is still viable.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
