Applies To: Locally-managed Fireboxes
If you add an active/passive FireCluster to WatchGuard Cloud, you can force the cluster master to fail over in WatchGuard Cloud. The backup master becomes the cluster master, and the original master device becomes the backup master.
To fail over an active/passive cluster in WatchGuard Cloud, cluster members must run Fireware v12.7.1 or higher (or v12.5.8 or higher for T10, T15, T30, T35, T50, M200 and M300 Fireboxes). To upgrade a cluster from lower Fireware versions, you must use Policy Manager or Fireware Web UI. After the upgrade, you can fail over a cluster in WatchGuard Cloud, and you can reboot and upgrade the cluster in WatchGuard Cloud. For information about local cluster upgrades, see Upgrade Fireware OS for a FireCluster.
For more information about FireCluster failover, see About FireCluster Failover.
The Fail Over Master option is available only for active/passive FireClusters.
To fail over an active/passive cluster in WatchGuard Cloud:
- Sign in to your WatchGuard Cloud Subscriber account.
For Service Providers operators, from Account Manager, select My Account.
- Select Configure > Devices.
- Select the FireCluster. For an active/passive FireCluster, the cluster master status is Connected. The backup master status is Not Connected. In our example, Member1 is connected, which means it is the cluster master. Member2 is the backup master.
- Click Fail Over Master.
The Fail Over Cluster Master dialog box opens.
- Click Fail Over.
The message "The cluster master will force a failover soon" appears briefly. Both members have the status Not Connected during failover.
- After the failover completes, verify that the original cluster master is now the backup master. In our example, Member1 was the original cluster master (the only connected cluster member). After failover, Member1 is now the backup master (the only disconnected cluster member).
For information about log messages related to FireCluster failover, see Manage FireCluster Logging in WatchGuard Cloud.