Dynamic PPPoE connection TZ670 in HA setup
Jour Newbie ✭
A customer of us have a TZ670 in High Availability setup with a PPPoE fiber internet connection.
The High availability is configured in stateless mode since stateful does not work with PPPoE. The enable virtual mac option is enabled and there is a switch between the ISP modem and the HA setup.
We did test multiple fail-over tests but this was very bad before there was any connection available at the secondary. We had to wait around 10 minutes before the secondary unit had a ping reply at the WAN IP address.
Has any one experience with a situation like this?
Category: Entry Level Firewalls
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
Hi @Jour I can only speak for Gen6 in HA with PPPoE and there it usually takes 1-2 Minutes when the failover happens.
Hopefully this isn't getting worse with Gen7 because I'am somewhat before replacing some Gen6 Installations, including HA.
Fyi, I am using stateful HA (Gen6) with 2 PPPoE interface and its working fine & the fail-over happening in 1-2min.
Stateful HA will provides Improved reliability & Faster Failover performance.
Hi @Ajishlal ,
Thank you for the information provided.
Do you also have a switch between ISP modem and SonicWALL's? Just try to figure out if there's a problem in the setup.
But it's good to hear that it works for others in Gen 6 with a fail over time of 1-2 min. I am a little bit confused that stateful works in your situation. The documentation of SonicWALL (G6 and G7 says that stateful should be disabled), but of course this is very useful information.
Yes. I do have switch in between Firewall & ISP Modem.
@Ajishlal ,thank you for sharing this with me.
Do you have any VLAN's configured on the WAN switch? Don't know if the sysadmin of that company have done that, but maybe useful to know.
Yes 3 VLAN has been configured for each WAN connection.