FDM 6.3 HA Setup and Manual Switchover

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello this is Jonathan Pike coach and today I'm going to be showing you how easy it is to set up high availability with fire power device manager in the prior video I had already set up the primary fire power threat defense device but I need to do the secondary one now which is ngf w3 at the top of your screen and setup the outside interface IP addresses subnet network mask and of course the gateway I'll need to set up DNS IP addresses for the management interface and if I want to change the hostname I can I'll need to set ntp I'll set it to Denver once again go Broncos I'll need to do the same thing start my 90-day evaluation period with that registration and then I'll do a quick interface config I'll enable Gigabit Ethernet 0 / 2 for our failover interface and I'll deploy these changes to the secondary next-gen firewall on the primary next-gen firewall - I'm gonna go ahead and click configure for high availability I'll make this guy the primary device I'll use gig 0 - is my failover link I'll put in my primary IP address for that failover link should be 1 dot 0 dot 0 dot 1 I'll put in my secondary IP address for that failover link 10.0.0.0 mask and then if I want to I can define all of these IP addresses exactly the same over on this side or different for my failover state but what's important is I can also use them for that failover link if I click on that box I want an IPSec encryption key I can put that in there but for the interest of today I'll just click activate Ajay will also see that the a che configuration was copied at the clipboard and I can paste that into the second area once I'm done deploying that change I'll go ahead and click got it and I will go back over to Angie fw 3 which is our secondary device i'll configure h a on this one I'll click the role of secondary device and I'll paste the config in given to me from the primary click OK and you'll see that everything is populated I'll click activate H a and we will go through the H a deployment process and as you can see that deployment was very easy to do and I enjoy things that are easy to do so after we get coffee after about 5 minutes we should see that H async has completed will now see that the primary ng FW is the active H a peer and if we click on the failover history we'll see the smart CLI console which will list the transition states if I look at the secondary ng FW I'll see that it's part of the ng FW pair and it's currently in the standby state now let's go ahead and test a manual H a switch over to transition between primary and secondary or active and standby in our case on these and just ng FW pairs to perform this manual switch over will need to be in a high availability page and a primary firewall will click our little widget icon and we'll go ahead and switch the mode to standby we'll see on our secondary device is now active and the peers standby if we want to switch back over we do the exact same thing click on the widget and switch the mode and now the secondary standby and the primary is active again thank you for your time today this concludes the firepower device manager H a setup and testing of high availability thank you

Info

Channel: Jonathan Paykoc

Views: 2,752

Rating: undefined out of 5

Keywords: NGFW, Firepower, FDM, Cisco

Id: myE8aIgFFeE

Channel Id: undefined

Length: 5min 55sec (355 seconds)

Published: Sun Jan 27 2019