Requirements to run VRRP on NG Firewall

You can run multiple NG Firewalls in parallel. NG Firewall uses VRRP (Virtual Redundancy Router Protocol) to handle all of the switching between the NG Firewall servers.  

There are only a few requirements in order to run VRRP on NG Firewall successfully:

  1. All NG Firewall servers must be turned on in order to participate. This may sound obvious, but it must be noted. 

  2. All NG Firewall servers must be configured with the same shared VRRP virtual address on each interface participating in the VRRP configuration. This means that you will need at least three IPs: one for each server, and the virtual IP to be shared between all devices. You will enter the virtual IP on each server under VRRP Aliases
    aliases.png

  3. All participating NG Firewall interfaces must be configured statically. This means that the IPv4 configuration must be set to static. 
    static.png

  4. All participating NG Firewall interfaces must be addressed, no bridged interfaces. Parallel NG Firewalls configured as bridges will create a bridge loop. 
    static.png

 

 

Follow
Was this article helpful?
2 out of 7 found this helpful
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Powered by Zendesk