Showing results for 
Search instead for 
Did you mean: 
Create a Post

Replace failed cluster member

Hi all,

unfortunately, one of my 4800s has decided to kick the bucket (getting RMAed). It is a part of a two member cluster. I am asking support too, but I wanted to know what you all think is best practice to replace the bad member. Basically, pulling out the bad member and introducing the new firewall into the cluster with no downtime.  

Is there official documentation too?

0 Kudos
4 Replies

Re: Replace failed cluster member

If you have a backup, restore it, then re-establish SIC and you should be good to go. If you don't have a backup, you'll need to obviously reconfigure the OS/interface via Gaia admin page (if you're on Gaia).

1) Go through the gateway initialization wizard as normal (via web)

2) Restore/rebuild config

3) Re-establish SIC

4) Push acccess policy then threat

Re: Replace failed cluster member

Sounds about right.

If you're not using snapshot, remember:

- to install all hotfixes that you have on the other system.

- if you had any special settings in fwkern.conf, copy those

- remember to set CoreXL and sim affinity if not default

- we usually copy SSH keys too as we use password less access.

Good luck

0 Kudos

Re: Replace failed cluster member

Thanks all, 

This is basically what I assumed. At what stage should I get the new license installed?

Re: Replace failed cluster member

You can do it first thing when you build the box. 

0 Kudos