In some cases it might be necessary to use an alternate method of cluster formation when you need to bypass the FireCluster auto-discovery process.
For example:
- To more easily troubleshoot cluster members that do not join the cluster with the auto-discovery method because of network issues or a Fireware version mismatch. The alternate method enables you to view error and log messages about reasons why the cluster was not formed.
- If you want to use the network module interface of a Firebox to form the cluster instead of one of the built-in network interfaces.
- To configure a FireCluster with FireboxV. For more information, go to Configure a FireCluster on VMware ESXi.
With this method, you save the FireCluster configuration separately to each Firebox:
- Enable FireCluster on a single Firebox that is already installed on your network.
- Use Policy Manager to save the same cluster configuration to the second cluster member.
- You can then connect the second Firebox to the first Firebox and to the network.
Configure a FireCluster with the Alternate Method
To configure a FireCluster with the alternate method:
- Use Policy Manager and the FireCluster Setup Wizard to enable and configure FireCluster on the first Firebox. To configure the FireCluster you must have the feature key for both cluster members.
- Save the configuration to the IP address of the first Firebox.
- Connect your management computer to the second Firebox.
- In Policy Manager, save the same configuration to the IP address of the second Firebox.
When you save the configuration to the second Firebox, Policy Manager displays a warning if the IP address you specify does not exist in the configuration file. Because you want to replace the existing configuration, click Yes to confirm that you want to save the file.
- Connect the Firebox cluster members to each other and to the network, as described in Connect the FireCluster Hardware.
The cluster forms automatically.
Verify the FireCluster Status
To verify that the cluster has formed, connect to a configured interface IP address for the cluster in WatchGuard System Manager or Fireware Web UI. For more information, go to Monitor and Control FireCluster Members.
If the cluster does not form, recheck the connections, particularly the connection between the primary cluster interfaces on each member. For more information, go to Troubleshoot FireCluster.