FireCluster - add second firebox
Hello,
a piece of advice, I should migrate the configuration from the current FireboxV to one of 2 M395, make it work by migrating the configuration (same trusted IP, same IPs of 2 ISPs (WAN), etc) and then create a FireCluster A/P. Now it accesses from (wsm or UI) using "192.168.0.7" which is also the gateway for LAN clients. From what I understand in the FireCluster creation phase I have to associate a different IP to each firebox, fb1 = 192.168.0.2 and fb2 = 192.168.0.3, is there a way to leave "192.168.0.7" as the Cluster IP? Right?
0
Sign In to comment.
Comments
Hi @NexusTK
The best way to do this would be to use the existing gateway IP for that network as the cluster IP, and during the firecluster setup, choose IPs for both devices on the management network. This is how the setup would flow normally, so there isn't anything special you need to do.
If your can run your FireboxV for a bit while you cut over, I would suggest making a new configuration and building out a new set of policies. This gives you a chance to audit all of your firewall policies and remove old/defunct policies that aren't needed anymore.
-James Carson
WatchGuard Customer Support