ScreenOS Firewalls (NOT SRX)
Reply
Contributor
speedpill
Posts: 42
Registered: ‎07-20-2010
0

SSG 550M High Availability configuration

Hello,

 

Can anyone provide the basic configuration for high availability config of two 550M firewalls? Is it enough if we just connect an HA cable between the 0/3 port to configure HA. I am looking at the following link

 

http://www.juniper.net/techpubs/hardware/netscreen-systems/netscreen-systems60/HW_SSG500M_600.pdf

 

Thanks

Super Contributor
Moerkholt
Posts: 169
Registered: ‎11-05-2007
0

Re: SSG 550M High Availability configuration

Hi

 

The below lines are from a SSG550M running HA using eth03

 

Device1:

set nsrp cluster id 1
set nsrp rto-mirror sync
set nsrp vsd-group master-always-exist
set nsrp vsd-group id 0 priority 50
set nsrp vsd-group id 0 preempt
set nsrp vsd-group id 0 preempt hold-down 5
set nsrp arp 8
set nsrp secondary-path ethernet0/0
set nsrp monitor interface ethernet0/0
set nsrp monitor interface ethernet0/1
set nsrp monitor interface ethernet0/2
set nsrp ha-link probe interval 5

 

Device2:

set nsrp cluster id 1
set nsrp rto-mirror sync
set nsrp vsd-group master-always-exist
set nsrp vsd-group id 0 priority 100
set nsrp vsd-group id 0 preempt hold-down 5
set nsrp arp 8
set nsrp secondary-path ethernet0/0
set nsrp monitor interface ethernet0/0
set nsrp monitor interface ethernet0/1
set nsrp monitor interface ethernet0/2
set nsrp ha-link probe interval 5

 

 

Regards

Hans
JNCIS-FWV

If this worked for you then please flag my post as an "Accepted Solution" so others can benefit from it. A kudo would be nice if you think I earned it
Distinguished Expert
spuluka
Posts: 2,562
Registered: ‎03-30-2009
0

Re: SSG 550M High Availability configuration

The basic setup steps are covered and explained in KB9809.

 

http://kb.juniper.net/InfoCenter/index?page=content&id=KB9809

Steve Puluka BSEET
Juniper Ambassador
Senior Network Engineer - UPMC Pittsburgh, PA
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC
JNCIS-FWV JNCIS-SSL
MCP - Managing Server 2003 MCP - Windows XP Professional
MCTS Windows 7
http://puluka.com/home
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.