4 Replies Latest reply on Oct 15, 2014 12:11 PM by sliedl

    reinstate my primary firewall to existing cluster

    donli

      Hi all,

       

      My primary firewall FW2100 was down, and operations of the firewall was swing over to my secondary firewall. Firewall rules were added to this secondary firewall while my primary firewall was still down. Now i want to reinstate my primary firewall, as there are differences to the configuration, will there be impact? Pls advise. TIA!

        • 1. Re: reinstate my primary firewall to existing cluster
          PhilM

          If you set up the cluster in peer-to-peer mode I think you will find that the changes made to the second appliance will re-synchronize to the 'primary'.

           

          However, if you did configure the cluster as master/slave (primary/secondary - I can't remember which name it uses) when you bring the primary back into service yoy may well find that any changes made to the secondary will be lost the next time the secondary re-synchronizes with the primary.

           

          I have to confess I am unsure as I have been configuring clusters in peer-to-peer mode for so long now I can't remember exactly how the older master/slave configuration actually worked.

           

          -Phil

          • 2. Re: reinstate my primary firewall to existing cluster
            donli

            Hi Phil,

             

            Thank you for your reply. My cluster is set as primary/standby. There were alot of rules added to the secondary firewall. Is there any way to reinstate my original primary firewall to the cluster without losing the firewall rules added to the secondary firewall?

            • 3. Re: reinstate my primary firewall to existing cluster
              imanfauzi

              Hi Donli,

               

              if you change old secondary to new primary, then the old primary will be the secondary. then your old primary will get the rules from new primary (old secondary) or your cluster have to remove first, then create a cluster again with your secondary will be the Primary and your old primary will be secondary.

              • 4. Re: reinstate my primary firewall to existing cluster
                sliedl

                If you're at 8.3.2 and later then the primary will not overwrite the changes made on the secondary while the primary was offline.