Cisco Cisco Firepower Management Center 4000
6-10
FireSIGHT System User Guide
Chapter 6 Managing Devices
Configuring High Availability
If one of the Defense Centers in the high availability pair must be reimaged, disable the high availability
link first. After you reimage the Defense Center, re-establish the high availability pair and the data
synchronizes from the existing Defense Center to the newly added Defense Center. If a Defense Center
cannot be reimaged (for example, the appliance has failed), contact Support.
link first. After you reimage the Defense Center, re-establish the high availability pair and the data
synchronizes from the existing Defense Center to the newly added Defense Center. If a Defense Center
cannot be reimaged (for example, the appliance has failed), contact Support.
To set up high availability for two Defense Centers:
Access:
Admin
Step 1
Log into the Defense Center that you want to designate as the secondary Defense Center.
Step 2
Select
System > Local > Registration
.
The Registration page appears.
Step 3
Click
High Availability
.
The High Availability page appears.
Step 4
Click the
secondary Defense Center
option.
The Secondary Defense Center Setup page appears.
Step 5
Type the hostname or IP address of the primary Defense Center in the
Primary DC Host
text box.
Caution
Make sure you use hostnames rather than IP addresses if your network uses DHCP to assign IP
addresses.
addresses.
Note that you can leave the
Primary DC Host
field empty if the management host does not have a routable
address. In that case, use both the
Registration Key
and the
Unique NAT ID
fields.
Step 6
Type a one-time-use registration key in the
Registration Key
text box
Step 7
Optionally, in the
Unique NAT ID
field, type a unique alphanumeric registration ID that you want to use to
identify the primary Defense Center. See
Step 8
Click
Register
.
A success message appears, and the Peer Manager page appears, showing the current state of the
secondary Defense Center.
secondary Defense Center.
Step 9
Using an account with Admin access, log into the Defense Center that you want to designate as the
primary.
primary.
Step 10
Select
System > Local > Registration
.
The Registration page appears.
Step 11
Click
High Availability
.
The High Availability page appears.
Step 12
Click the
primary Defense Center
option.
The Primary Defense Center Setup page appears.
Step 13
Type the hostname or IP address of the secondary Defense Center in the
Secondary DC Host
text box.
Caution
Make sure you use hostnames rather than IP addresses if your network uses DHCP to assign IP
addresses.
addresses.
Step 14
Type the same one-time-use registration key in the
Registration Key
text box you used in step