Add Static ARP Entries for an Active/Active FireCluster

An active/active FireCluster uses a multicast MAC address for each active interface connected to your network. The active/active FireCluster sends this multicast MAC address across the network.

For some switches, you might need to add static ARP entries for each layer 3 network switch connected to the FireCluster traffic interface. Otherwise, network communication might not work properly. You can use Policy Manager to add the static ARP entries to the FireCluster.

To add static ARP entries to your device configuration, from Policy Manager:

  1. In WatchGuard System Manager, use the configured cluster interface IP address to connect to the FireCluster. Do not use the Management IP address.
  2. Click Open Policy Manager button screen shot.
    Or, select Tools > Policy Manager.
    Policy Manager appears.
  3. Select Network > ARP Entries.
    The Static ARP Entries dialog box appears.
  4. Click Add.
    The Add ARP Entry dialog box appears.
  5. In the Interface drop-down list, select the interface for the layer 3 switch.
  6. In the IP Address text box, type the IP address of the network switch.
  7. In the MAC Address text box, type the MAC address of the switch. Click OK.
    The static ARP entry is added to the Static ARP Entries list.
  8. Repeat Steps 4–7 to add static ARP entries for each switch that is directly connected to each interface of the FireCluster.
  9. Click OK.
  10. Select File > Save > to Firebox to save the static ARP entries to the FireCluster.

You must also configure the network switches to work with the active/active FireCluster. For more information, go to Switch and Router Requirements for an Active/Active FireCluster.

For an example of how to configure two switches for an active/active FireCluster, go to Example Switch and Static ARP Configuration for an Active/Active FireCluster.

Related Topics

About FireCluster

FireCluster Diagnostics