Firebox cluster public IP
I have 2 WG firewalls in a cluster. Each of the 2 firewalls have a cable going to WAN to ISP. How can I find out what public IP each WG is using?
0
Sign In to comment.
I have 2 WG firewalls in a cluster. Each of the 2 firewalls have a cable going to WAN to ISP. How can I find out what public IP each WG is using?
Comments
For an A/A cluster, doesn't the Web UI show the external IP addr of the firewall you connect to when connecting to the trusted IP addr of the firewall?
Yes, so when I connect to the web UI, and look at external IP, I see one public IP. Is that for both firewalls?
Both WGs have a different LAN management IP, so when I login to each LAN ip, and look at external interface, it shows the same public IP.
The reason I'm asking is because I remember someone from my company saying each WG have a different public IP.
Yes.
For A/P, just one firewall is active and holds the the external IP. This is done using VRRP.
Active/Passive Cluster ID and the Virtual MAC Address
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/ha/cluster_ap_cluster_id_wsm.html
For A/A, Multicast MAC Addresses is used to share the interface IP addr.
Find the Multicast MAC Addresses for an Active/Active Cluster
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/ha/cluster_view_multicast_mac.html
Also see:
Switch and Router Requirements for an Active/Active FireCluster
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/ha/cluster_aa_multicast_wsm.html