Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

HA configuration for NSv on hyperV

MarkDMarkD Cybersecurity Overlord ✭✭✭

Is there a base guide for the configuration of a HA pair with OS7 - obtaining keys etc, the guide refers to another document which does not exist, a secondary unit has 0000000 SN until activated.

I've got the secondary HA SN from my SonicWALL as an associated product, created a HA link on an external Vswitch with dedicated VLAN and secondary in factory default.


On the primary the Secondary Device is added and both NSv are using the same X4 interface VLAN for Control

Category: Virtual Firewall
Reply

Answers

  • Not NSV specific but its pretty much the same thing assuming you have connecting them properly to the necessary vswitches or port groups.


    https://www.sonicwall.com/techdocs/pdf/sonicos-7-0-0-0-high_availability.pdf

  • IT_GuysIT_Guys Newbie ✭

    I could use the admin guide on the 870NSv for the same reasons...

  • MarkDMarkD Cybersecurity Overlord ✭✭✭
    edited September 2021

    I managed to get this working to a point the secondary needs direct internet access from X1 (another IP address), then activating using the supplied key - however after activation, the seconday insisted it wanted to be the primary, spent 10 minutes arguing with the real primary and dumped itself back to default.

    As mine is a live environment with a large quantity of servers and users, I dont get any reassurance that it wont destroy the current setup.

    At the moment its on hold...

  • IT_GuysIT_Guys Newbie ✭

    Yeah, I am in the process of a migration from NSA 5600 HA Pair to an virtual Active/Passive NSv 870 pair... and can not even start the firewall build as I can not get the HA to work... and do not see to be able to find an admin guide, HA config guide... or really any documentation on the NSv 870...

  • MarkDMarkD Cybersecurity Overlord ✭✭✭

    Someone at SW does need to do a buld guides for Hyper V, VMware

    Heres what I did.

    primary firewall allocate X0 IP through the CLI, then admin as normal via the UI

    configure the WAN IP and activate the unit.

    Set a HA interface, and serial number. I used X4 then added nic adapters to the Hyper V machine L3 mode off (I created a VLAN shared between the primary and secondary only and attatched the the Hyper V clusters converged Vnic)

    Obtain the HA unit activation key from SW portal - that took some finding, eventually found the secondary unit, but then needed to search the SN of the secondary to get the activation key, its not shown under the HA device.

    Secondary allocate X0 IP through the CLI, then admin as normal via the UI

    Configure ANOTHER IP for the X1 interface, and apply the activation once activated

    Set the same X4 interface as HA.

    And thats as far as I got before it went pear shaped!!! The HA unit wanted to be primary and after 10 minutes rebooted to a default state.


    You may have more luck not being a live system.

  • IT_GuysIT_Guys Newbie ✭

    Yeah, no documentation for On-Prem.... Azure / AWS... but there are differences that prevent completion... Ugh.

Sign In or Register to comment.