UTM Cluster Management

Firmware management, updates, configuration management and maintenance mode

Last adaptation to the version: 12.6.2

New:

Bessere Unterscheidung der Cluster-Geräte durch modifizierten Header
Hinweis: Wartungsmodus ist nicht persistent
Dialog for adjusting the Interface assignment on the remote station (v12.6.1)
Synchronization of Spam indicators and GEO-IPs (v12.6.1)
Updated to Redesign of the webinterface (v12.6.0)

notempty

This article refers to a Resellerpreview

12.5 12.4 11.7

Preliminary note

Cluster configuration UTMuser@firewall.name.fqdn (passive cluster)Network Passive member of the cluster (Spare)

Before the update is carried out on the cluster system, the functionality (see description "Test procedure") must be tested with the current version.
If the test is not successful, the update process may be disrupted.
In order to quickly distinguish between the master UTM and the spare UTM, the header of the spare UTM is gray and the path of the device is titled (Passive Cluster). notempty
New as of 12.6.2

Settings in the tab Management

Firmware Firmware
Caption	Value	Action	Description	Cluster configuration UTMuser@firewall.name.fqdnNetwork Management tab
Installed firmware of the remote terminal:	12.6.1		Displays the used firmware version of the cluster partner. Clicking the button updates the information.
Installed firmware of the remote terminal:	12.6.1		Installed version: 12.6.1 Available version: 12.6.1.1 (Newer version) Available version: 12.6.0 (Older version) Hovering over the version information displays information about the versions available in each case.
Locally installed firmware:	12.6.1		Displays the locally installed version. Clicking the button transfers this firmware version to the remote terminal. Only possible if the local version is newer (highlighted in green) than the version of the remote terminal
Locally available firmware:	- 12.6.1		Displays a locally available version if it is newer than the locally installed version. Button is disabled if the local version is not newer (grayed out) than the version installed on the remote terminal.

Configuration Configuration
Synchronize configuration:			Transfers the local configuration to the remote terminal notempty New as of v12.6.1: Checking the interfaces through dialog (see image) If the assignment is not adjusted, these interfaces are marked as Unmatched on the Spare UTM (see figure on the right) Synchronization of virus patterns and mail archive hashes (spam) The Bond interfaces are only configured on the master The configuration of the bond interfaces is completely transferred to the spare during synchronization Exception: The host MAC address is not' synchronized During initial synchronization, an address of the interfaces involved is automatically selected as the host MAC address on the spare A subsequently selected MAC address on the spare is not changed by subsequent synchronization	Synchronize configuration: Check interfaces Unmatched interfaces on the remote station
Reset configuration:			Resets the cluster configuration of the local UTM to factory defaults (Requires additional confirmation).

Maintenance Mode Maintenance Mode
Maintenance Mode:		Off	On Activates the maintenance mode The maintenance mode is used to switch to the spare in a controlled manner and prevents multiple switching in the case of several individual steps (update, change IP addresses etc.) The services available in maintenance mode are configured in the wizard in step 4 or under Network Cluster configuration Area Applications. The UTM is not accessible via the virtual IP in maintenance mode, but only via a fixed IP address. In maintenance mode, the spare does not become the active cluster member if the master fails! Maintenance mode is not persistent. After a restart (e.g. during an update) maintenance mode is not active CLI commands for maintenance mode can be found in a separate Wiki article.

Firmware updates in the cluster

Update Spare

Step 1 Update Spare

An update version of the firmware must be available. If necessary download the latest firmware under Extras Firmware Updates with the button Download latest firmware.
The update should first be installed on the spare.
The installation first on the spare allows e.g. a review of the settings and hardware compatibility

If the Spare does not have Internet access, the update version can be transferred from the Master to the Spare under Network Cluster Settings Area Management (see section Firmware).
Installation in menu Extras Firmware Updates Button Start trial run

Testing Spare

Step 2 Testing Spare

After the update has been installed on the spare, the web interface of the spare UTM is opened. Here select the option Ask again later.
Check if the update has been installed properly.
If the result is positive, finalize the update under Extras Firmwareupdates Button Complete test run.
If problems occur, the Cancel trial run button can be used to roll back.

If the test run is not completed, the UTM automatically performs a rollback at the next startup!

Update Master

Step 3 Update Master

Before the update is installed on the Master, the maintenance mode should be activated here under Network Cluster Settings Area Management (see above) should be activated
Now the update can be installed on the master UTM. During the installation of the update, the master UTM is restarted in the meantime. Maintenance mode is not persistent. The master becomes the active device again after the reboot.

Testing Master

Step 4 Testing Master

If the maintenance mode has not been activated, the master UTM takes over the role of the active UTM as soon as the update has been successfully installed and the master UTM has booted up again.
If the maintenance mode has been activated, the web interface of the master UTM can be called up first to check whether all functions are working properly.
The firmware should not be finalized when logging in for the first time.
If the result is positive, finalize the update under Extras Firmwareupdates Button Complete test run.
If problems occur, the Cancel trial run button can be used to roll back.

If a rollback is performed on the master, this must then also be performed on the spare so that both cluster partners have the same firmware version. Older version Start trial run

If the test run is not completed, the UTM automatically performs a rollback at the next startup!

Finally, the maintenance mode must be deactivated.

Test of the cluster functionality

After the update has been installed on the UTMs, the cluster functionality should still be tested in the event of a failure of the HA interfaces to ensure that the cluster behaves properly in the event of a failure.

notempty

If problems occur after the update, a rollback to the previous version can be performed.

Simulation: Failure of the master UTM

Test: The master UTM must be shut down properly via the interface.
Expected behavior: The spare UTM takes over the function.

Simulation: Failure of an HA interface on the master UTM

Test:The network cable must be removed from an HA marked interface.

This test should be carried out with each HA interface.

Expected behavior: The spare UTM takes over the function.

Synchronisation of the configuration

Test: After the successful test, the synchronisation of the configuration between the master and spare UTM must be tested.
Expected behavior: The synchronisation of the configuration takes place without errors.