Fail Over a FireCluster in WatchGuard Cloud
Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes
If you add an active/passive FireCluster to WatchGuard Cloud, you can manually force the cluster master to fail over in WatchGuard Cloud. The backup master becomes the cluster master, and the original master device becomes the backup master.
- The Fail Over Master option is available only for active/passive FireClusters. You can fail over cluster members that belong to a cloud-managed FireCluster or a locally-managed FireCluster.
- Some events cause the FireCluster to automatically fail over. For information about automatic failover, go to About FireCluster Failover.
To manually fail over an active/passive locally-managed cluster in WatchGuard Cloud, cluster members must run Fireware v12.7.1 or higher (or v12.5.8 or higher for T35 Fireboxes). To upgrade a locally-managed cluster from lower Fireware versions, you must use Policy Manager or Fireware Web UI. After the upgrade, you can fail over a cluster in WatchGuard Cloud, and you can reboot and upgrade the cluster in WatchGuard Cloud. For information about local cluster upgrades, go to Upgrade Fireware OS for a FireCluster.
To manually fail over an active/passive cluster in WatchGuard Cloud:
- Log in to your WatchGuard Cloud Subscriber account.
For Service Provider operators, from Account Manager, select My Account. - Select Configure > Devices.
- Select the FireCluster. For an active/passive FireCluster, the cluster master status is Connected. The backup master status is Not Connected. In our example, Member2 is connected, which means it is the cluster master. Member1 is the backup master.
- Click Fail Over Master.
The Fail Over Cluster Master dialog box opens.
- Click Fail Over.
The message "The cluster master will force a failover soon" appears briefly. Both members have the status Not Connected during failover.
- After the failover completes, verify that the original cluster master is now the backup master. In our example, Member2 was the original cluster master (the only connected cluster member). After failover, Member2 is now the backup master (the only disconnected cluster member).
For information about log messages related to FireCluster failover, go to Manage FireCluster Logging in WatchGuard Cloud.
To view the live status of a FireCluster, and to see a list of historical FireCluster events, go to Monitor FireClusters.