Failover Settings
Here, you configure the firewall to enable it to communicate with the other unit of the failover team. Here is also where you change type between a standalone firewall and one which is a team member.
Dedicated interface
For the firewalls in the failover team to be able to synchronize configuration and check that the other unit is still functional, they need to communicate. The communication is sent over a dedicated interface on the firewall. This interface can't be used for any other traffic.
The dedicated interface to use
Select the interface to be used for communication with the other firewall of the team. This interface should be connected to the corresponding interface of the other firewall using a crossover TP cable.
Dedicated network
The failover team needs a network to use for its communication. This network must contain at least four addresses (one for each firewall, one network address and one broadcast address). You can dedicate a larger network if you like, but since the interfaces will be directly connected to each other, no more addresses will be used.
DNS name or network address
In the DNS name or network address field, enter the DNS name or IP address of the dedicated network.
Network address
Shows the IP address of the DNS name or network address you entered in the previous field.
Netmask/bits
Netmask/bits is the netmask that will be used to specify the size of the dedicated network. You must use a netmask of at most 30 (255.255.255.252). See chapter 4, Configuring Ingate Firewall, for instructions on writing the netmask.
Range
The Range shows all IP addresses of the dedicated network. The range is calculated from the configuration under DNS name or network address and Netmask/Bits. Check that the correct information was entered in the DNS name or network address and Netmask/Bits fields.
Failover type
The firewall can work Standalone or as a Failover team member. In Standalone mode, it works as a standard firewall. As a Failover team member, it still performs the usual functionality, but in addition, it communicates with the other team member to transfer configuration when changed. The team members constantly check whether the other unit is alive.
Change failover type for the firewall from standalone to team member or from failover team member to standalone. When you change type, the firewall will reboot.
Create new team
Press Create new team to create a new failover team.
If the firewall was standalone, it will reboot and then listen for its team partner on the dedicated interface, to transfer its configuration.
Deactivate failover
Disconnect the other firewall in the team (or turn off the power) and press Deactivate failover to make the firewall standalone again.
Save
Saves all Failover Settings configuration to the preliminary configuration.
Undo
Clears and resets all fields in new rows and resets changes in old rows.
Look up all IP addresses again
Looks up the IP addresses for all DNS names on this page in the DNS servers you entered on the Basic Configuration page.