Home‎ > ‎Barracuda‎ > ‎

Putting WAF in HA mode


The Barracuda WAFs can be configured so that there is a backup unit that monitors the health of the primary, and takes over if the primary goes down.  

The health checking, and syncing, is done from the backup unit.  The backup checks the configs of the primary every few minutes, so the two might not have synced up configs right after a change is made to the primary.  

Creating a Cluster: 

Get the box up: 

First go to the secondary WAF, and install the initial configuration including the WAN and LAN IP's, DNS, and Activation. (Everything else can be sucked in from the primary unit once it's synced.)

Primary Box: 

From the Basic Tab, under the Status sub-tab, confirm that the current setting is that the device is in Stand-alone mode

Set the shared secret code by going to the Advanced tab and the High Availability sub-tab, and pasting in a random code.  Then also select to monitor the WAN and LAN links, and select Save Changes.  

Backup System: 

Like in the primary unit, set the shared secret code by going to the Advanced tab and the High Availability sub-tab, and pasting in a random code.  Then also select to monitor the WAN and LAN links, and select Save Changes.

Then below, (in the High Availability sub-tab) enter in the IP of THE PRIMARY unit, and select Join Cluster.  

When this is complete, make sure that (C) the Failback Mode is set to Manual, and that under the Clustered Systems section (D) the two boxes in the cluster are listed.

You can also confirm that the unit is properly running as the backup unit by going to the Basic tab, and Status sub-tab, and noting that the High Availability Status is listed as Backup Standby