Fortinet NSE4_FGT-7.2 — FortiGate Firewall — Section 1: FortiGate Firewall V6.4 1 Part 43
60. Lecture-60: High Availability HA Active-Passive Lab.
Yesterday, we discussed the issue, what is issue, and we call them high availability, cluster red and white instead of dementia and all those things, and we discuss theoretically that we need a backup solution. And this backup solution, we call them a tendency of high availability. And we saw that every year you will find out a tendency like even when we have redundant power supply, redundant link we have in an area which we call them hard. And so we have exertional we have VSS switches, which we can figure out of our tendency. We have HSP we are a be BP for redundant gateway. Why do we need. Definitely is the high demand up nowadays. Everybody one that we did the we don’t need either. We not report any downtime.
So, definitely they need high availability. Then we started therefore to get fardella can be deploying to in high availability active passive. We are one for one will play the role of active which we call the master and how we can choose them. Just give them high priority and the highest priority if I mention them. Okay, I did not mention I will show you during the day and then give them less priority. The other five to one and there will be Dooling one. Edgerly will be used. The other is just like a backup solution.
So, we are using too far. What about a backup solution? The same we are using two interfaces is a backup solution and we give high priority to one firewall to make them master the same. We can set it chain link higher priority to make them. Then this link will work. This link will not work until this link is available.
So, we can do this thing as well, then activate do. And I told you most of the time you will see active passive. But make do again, it doesn’t mean they’re bored, the foreign workers are again, there will be one master and one slave. The master will take the traffic and it will distribute to the slaves that you are to process the traffic, and I will also process the traffic and most of the time for Bc5 is.
So, it means a deal doesn’t mean that more the firewall will work on the same time for every type of traffic and for doing it and following two years, it’s possible both the firewall will work. But this really complicated to deploy them, you have to segregate your environment to push the traffic to one firewall and segregate the environment to push the other one. This way, nobody required this activity deployment here when we PXP station will be distributed.
So, again, one final one will be musterer, but that will also work to help the master one and it will process the traffic on the same time as well. But it doesn’t mean that both will be showing activity. You know, again, one will be master and the other will be slim. But slim in this case, really work. While an active passive slave will never do anything, it will just synchronize. And whenever the master is done, it will take whatever will process the traffic. This startling difference to way you really discuss about how prerequisite, what you need, same model, the same operating system, same interface is the only thing can be different is hostname and priority. And everything has to be same, same license, same everything. Then you can apply it between two for one. Then you discuss about high reliability link.
So, they are using ether really, which we will capture today. And I will show you Eastertide, really. They have some specific type in Google. You will see these are special value for every item that we do, like a little tool that is not using any. They are using a beeper. We drive it through again today in the late. And you can connect too far while you always give one for each ending regarding achieving one link with one another, we’ll just watch out.
So, on one link is Don, for some reason, the other way to start work. This would we discuss it well, then we discuss some terminology, we’re definitely one of our what is not working out, that is what we call this their failure heartbeat. They are sending the packet.
So, if one final one is not replying so differently that that will take one, then you can monitor the link is, well, maybe the device is up, but the brain interface not is used in real life. We normally monitor when interface if their brain interfaces don’t do it. Did what I did. And priority is a value value, numerical value, which we report to give interface priority, are the first one to give priority. And we we’re definitely we will see what right is. What I said is nothing but important. Do we call them? What is the name? We call them in Cisco. We call them. Yes, yes. Yes, yes. Preemption. Yes. I’d forgotten the names of preemption.
So, we call them preemption.
So, whenever the first part to come up, for some reason, most of us don’t it come up and you said no, make them as a monster again, then you have to enable. All right. And there we call them preemption. We will see that one session pick up. We will see that to synchronize both the firewalls in case of one firewall is gone. The other firewall will take care of our acquisition, which is already established, located in SSH or HHTTP Sadhus, are using TCP, IP based and UDP doesn’t require any station to be created.
So, that’s why we don’t care about UDP. Definitely it will be driven away in a heartbeat, but definitely they’re using hard beat. But you can make them unicast. You will see this option as well.
So, let’s move to the first. We’ve been active passive lib district apology. We will we will take two switches support. This is our land. We are already done.
So, this time we will use DTP to prototype into the system automatically. Why not destroy BTP as we bought one is our inside and bought one will be used for our state and also for our management as well, rather than to our a new system and create the management. Why not use this one for our purposes? And you can use a glorified Internet purpose and bought three and four we will use for each each one and each year to even give high priority to Baudry to make them one and for three years a become. Photographer for one, we will give them high priority to make them is a master and for to get to we will give them less priority to make them as the second intifada one arduously.
So, this is the answer, that cluster or just the fact that this is the you can make cluster is more than two for one, you can make them as a cluster. It’s also possible. But here in the course, we will do a practice active, passive and active, active. But it can be more than two for a while then. And their terminology, because they cluster more them.
So, this is our IP schema for our primary field while we are using three interfaces for interfaces. By the way, it works for Egypt and it’s your makeup. And one is what our third one is for the insert.
So, this is our IP schema, one we will use insert and this guess my externalise one one for what the units mentioned, one to two. The same will be here, okay, it will inherit everything and each one each year. Two doesn’t require any of these because they are using two technology to no need of this one because they will use DCP is I told you you can put directly as well static. What is better to use BTP reality than BTB? DNS definitely. We will use Google DNS and first we will do it to passive.
So, Maston, we will assign them high priority to make them master and then the slavey will assign them 50, either 60, whatever group name, we will give them a group name. It has to be the same on board for one.
So, each whatever you give them and hardboard, which is a chilling portrait and fought for.
So, let’s go to live and here let’s go to Iraq to fight one.
So, this is my one fight one and this is second fight one. Now I need two stages.
So, let me take one switch here and one switch this side. Now I need lines, so let me take this one to the middle and I need some long lines so done on which we can use them. One, two, three is enough. These three are right now okay. These are my three ply external. I need net CloudFlare, Internet plus.
So, this is the Internet blog. Okay, and let me change the name and to make it okay, then we can take this to the switch and from switch. Connect to Port one, and here I’ve sort of bought one from here, it will connect to port. Two, and here are support to. And I don’t care about these. Okay, should we connect anywhere? These are my insert line representing Inside Line.
So, let me start this switch to the IP by this DCB and start and start this one and start this one.
So, it will start and what we will do. Let me make it proper. And select and let me and I’m going to probably pick one piece, you, too, and you’ll get me to. Both won support, one is the outside one, okay, and let me duplicate and for two is also here here to report to. And the media also caught two or three and four even use furniture, women etcher to support three to connect them to both three and four for two or four. These are the two, okay? It’s look like it’s not an error.
So, let me make them online and let means move them here. Okay, so four to one. And he bought two and bought one and put them here and let me. Okay, now I need to just say here, this is for three boards, right. And this site we have bought for. This is the general configuration, okay, what inside of me, okay? The IP schema, but before going to our IP schemozzle these and make them as are typical and rightly so, that I’ll go to edit configuration and enable auto and auto B, C one and remove this one and this one. These two and this one. These three. Don’t know, I can start this one, but before starting let me assign DCB will use DCB on this for two and also DCB on this for two.
So, it will assign automatically IP here. What I what I need, I need this, which will be the primary, so let’s say this is our primary fight to really start one and this will be C Countryfile or. Doesn’t need to be Sikkema, so IAP scheme 190 to 160, eight one zero 24. I will use this one insight. And definitely in this side, I don’t have a controller. I will use that one on one four range, which is my net cloud and this one. And here the IP is two. We all know this. The gateway to. Pocket and be we are using Google reinspected, that’s are the things which we required. Okay, so now let’s start from 40 years, we won this one, primary one, and let me start this one, by the way, they would be literally talking. We don’t have disappeared.
So. Right. Click on this and go to console.
So, I bought one. They already get IP through the ATP, so they plug in there.
So, let me go to a demand and I want to keep us for one, two, three, password control. Kukali, clear the screen and show system. And question mark, so on first form this IP from that globe, this. Fought to get one.
So, let me log in their first. Okay, username and password is one, two, three. Never. And let me give them my name. Primary F.W..
So, this is my primary firewall and let me change the color for a while. I know it will be much after a while, but at least part of your understanding, let me go to Sistrunk sitting and let me change the theme so the theme can be changed from what it is. It should be this one.
So, let me give them blue.
So, this is my primary for because I told you to thinking about Jane, what is the name? And the other one is priority.
So, the name is primary fight. Well, I give them and that’s why I go to the other one as well.
So. Right, click on this one. Console and admin. No password. Enter one, two, three. One, two, three. You can give me any other password. This is my. And. Sure, system and. Okay, so this gives a question mark, and this is 137 million this far away. Okay, so this will be green, okay? The one which is currently eight men and one, two, three. Never. And begin. And here, I will say, is the country under for quite a while? okay, so the green one is the country and right now the blue one is probably.
So, what we need to do, I don’t need to touch it, I know this is going to ruin everything I need to do first and primary firewall.
So, what you can do, first of all, to interface is we do not really start.
So, what I need the basic thing I need to do to enable BHP and assign any IP from this range, which we normally do.
So, I will assign 100 years IP address and the same thing. It will take automatically 100 here on this site anyway. And let’s assign 100 of this site is good.
So, what I need to do PT. one is my management as well and also ran some better to use them as a when I gave them the name brand and make them manual and let me assign demanded why hundert.
So, htp and everything is enabled because I’m using the Web board as a management participant.
So, don’t be confused yourself. Okay.
So, ok now it will disconnect. Now I will login instead of 136. I don’t know 100. And log in again, Edman, one, two, three, so I changed one interface and the IPA made them sturdy, bought one for two years Milin interface and still have primary to watch out for the first one. Okay and give them Lahm static IP redecide 192 168 1224 just in orbing. No need management exists online but it will be cheap so Livny must sign that. Remove this one. I need it just for Nutrisystem system.
So, from one to 99 because 100 is here. What do you mean the must define the. It will be the same user interface and business will be the system interface. It’s okay. No need to do anything. It’s in. We already know all these details.
So, Milin interface is done but I’m using two more interfaces, three and four.
So, click on third no interface and give them the name. Etcher one No need right be no need of being given anything. Just give them the name and each one they know and go to four for which is this one and assign them to. And okay, so I’m still in the primary fight, one which is blue collar. I just changed the name so that I can be easy to understand. It’s the only thing I need.
Solenni Configurability, Bananas and wunderkinder when I make them Sturdee Kibitzer and I give them to name one H2, which is connected between two for what we call them, achieving high availability like one in high availability linked to. Now I need to configure to be honest, the basic thing which we always do is that it and the other one is one dark one, dark one and apply. Next thing I need to stick it out to my traffic and go out.
So, I said anything, give it to 192 168 one and one for the two, which is my next top. This one one one for the two on the main interface. And okay, this is also done now. I need one single policy to allow the insert traffic.
So, what do I do for policy? Barloworld Everything is denied so I choose from here lane to where you can give them any name lane and will do so. It’s going to be anything. Now we know this is yesterday we discussed destination can be anything and services can be anything Flaubert’s. We know Najid. We know. We know. And I don’t need security profile in opposition. I want an. Okay. This the basic stuff, I figure. Now let’s come to it.
So, would water system, there is high availability, which we are just to advised as demand not. And the second one. Okay, I’m still here if you don’t like this color. Let me give them another color. Any other theme.
So, blue. There is this one. You know, this is a bit better, more visible.
So, click on it and still probably find one, which I give them the name. But I’m required by different fathers in standalone, more mean standalone. I click here and system and you click here. We will do first base. You connected to this property? I told you so. In the live picture we will give high priority to Hunter, which was the master one.
So, let me give them hundred. You can put in your radio, you can put one to as well. But we decided to give them so that anything so we can watch our files.
So, group name we decide each group again. You can give me name and put the password. One, two, three, four, five, six. Let me see. One, two, three, four, five, six. I set this password again. You can serve any password, you can serve any. But this has to be same on the other five one and priority can be one two. It can be one five. It can be ten twenty. It can be one. It has to be the primary one which you want to make them primary, give them high priority list. The only thing you can pick up, I just revised and yesterday we discussed in detail enable to pick up that whenever you have some session related to DCP, give it to your friend, then monitor interfaces, which we just revise them. And what is my money to them in this file? One, this interface is really important for me. I want to monitor one. I don’t want to disconnect from intimate. Maybe this firewall is on.
So, the HLT will tell to this one that yes, he is alive, but the link is done.
So, definitely the traffic will come here and will drop, drop, drop, because the the link is not there is an issue with the rail link.
So, this is very important.
So, what I do I said the monitor board. When as well whenever this is done, even if the firewall is not on paper, so the traffic will divert and it will come on this way and it will go out.
So, this is called port monitoring. I didn’t interface monitoring.
So, which interface? I’m interested, which is my re-import one interface, this one this way I give them the name so can easily identify some monitor interface is done and there is a hard muite interfaces. I mean I just advise them what is heartbeat. Heartbeat is nothing. They look period when they are sending and receiving will check their availability. These two interfaces is heartbeat for three and four.
So, I will say here that each one ejeta these are the heartbeat interfaces.
So, now they said give them priority. I told you that only one interface will work and I told you about the Pritikin before. The one and priority can be searched for. But interfaces when they are asking me which interface is your primary one, the other one is like a backup.
So, that I can send the in and heartbeat twice or three times the maximum fire drill and for three, let me give them anything supposed to hunger to zero for it is okay. This might want to you can give that again is the second one. Now we need more don’t mention management interface reservation. I truly do think and never be change, what is your name second is your priority, because these two things can identify you between one and more than more than two feet. One is a cluster. If you have high priority, then you will be identified by their priority and name will be identified. These two things will enable to begin. A list of everything will be mudded with each other. But now the question. I know a management might be one one for 1800, but my next firewall has management IP 192 168 one one phone 137, which is over in as well. But anyway.
So, what you can do, you can manage brain interface to this operation like a hotel reservation, you can reserve the interface. Show them that this because we are using RENNISON management, but your management will be sure some Endor interface choose dead ones. Whose fault? Well, this is your management and put together and IPV six, if you will, and put in reserve them.
So, their interface will be also distinguished like a name and priority. But anyhow we don’t get about that one.
So, I say I don’t need management interface. It is the innovation and the last thing which I just devised and not one case you can really let us into your replacement will be like this. You are both firewalled, will mean the same break either and different break, and you will be connected to Krasker. But two are will go like here and two are will be here this.
So, no need of any multicast unicast because we are directly connected. You don’t care. And no security needed because in the same data center and mode the firewall is the same break, even sometimes it is up and down with each other.
So, then why they’re asking me unicast. Hard to be, but when you are deploying these for a while in virtual environment, Nabiac physical devices, physical appliances then and where you know, they have many product virtualization, then it’s very difficult to end our broadcast.
So, then you can use unicast hard to beat there because you are not under the center to send a resume broadcast traffic. I you, I mean, I mean I was you you will see broadcast. It will go on this one time so you can enable unicast hard to beat. But this is only in the case of virtualization environment, not in the real world. You will never see this one. But I mean, I don’t need unicast as well and these are the things to enable higher visibility and care. It’s the password doing what it is a thing, so it’s showing me a master and it’s come up like this where if you check the interface, you there is i.e. this link monitor to watch out, watch out part of this interface. And yes, one is our brain interface.
So, I told them they’d watch out for this one. If this interfaces don’t again, you have to pick one one and then three and four interface three and four. There is a heart. It means heartbeat on these two interfaces. There are soon being hard to be reinforced. This one is mentioned and rest of interfaces we are not using. Who are we are using because there is nothing. This is our man. This is Allwyn.
So, I here. And these are hard because it is hard to be the interface and it’s genotypic interfaces.
So, this is simple, my this only one fired, one with 130 is primary primary one serial number of the fired one, Roland M. Uptightness 16 minute station is 20 and throughputs this one. And you can blame the left as well. And you can faceplate lack of split like, you know, the number plate topcoder. You can sure like that and you can listen and you can on and you can refresh.
So, my primary firewall is done. That is now going to the other for one second. We don’t do anything. Everything will be done automatically. Just go to system. No need to change a static IP because this will be no more. Only one IP will be used primarily IP management, one one rajinder no need to give them the interfaces name. Which are them here. No need to configure DNS, no need to configure sturdy crowd. No need to create a policy which I did everything. And probably it will be inhibited. It will be stinkier. Just go to in the second firewall system, click on energy and make from Secunda to do basically give them priority list then after which they have any but list them, give them the same name. This is important.
So, our name was. I think so h m g. And it should be the same password. 123456 enable Sishen pickup monitoring interfaces for one which is our exit and heartbeat. We held three and four and prioritized secure this one and the other one is nothing. No need on management anything and just press. Okay. Now, if you come here and log in here, a one, two, three, you will see some messages, it will start to synchronize each other. And let me come here to one, two, three. Right now, there is nothing yet but find one. And so you can really give them these name.
So, it will start sending sync with M. It started scenarist Animal Farm are not in sync with M. They say I’m trying to sync with the Mustafah one because I’m connected directly through to interfaces with you. Say these are the agenting. Okay, so they are trying to scare, save extremophile. I’m not staying with the monster. They’re trying to sync with the master one. Whatever reconfigurable the master wanted, it will sync here automatically.
So, mostly you will see the messages on the second one and after a while you will see the color will change. And this when there will be another one. Still I can see. Yes, come up. What does it say? When Identified with the names you can do firewalled because there are too name will never change with this. Kriol Mycelium is Jamie in Syria jet too. If it’s Lawlessly Wineman Monster and almost will uptime. A similar situation is more dire than there is 27 and this is the throughput and they are using the same interfaces and everything. Again, still not sync because until there is a tegmark green, that means the process is still going on. This is showing here. And also waiting for close to the data.
So, everything will be here after while and a string here. And also you can really fire to go to Dashboard’s status. You remember there was one Regitze with the HIV did, which is not showing.
So, we can A.J., you remember, we can Eldridge’s from here. And first lecture rediscuss. There is a registered nurse. Click on there and there will be Hitcher.
So, let me make them here. And it’s better to resolve them in the fall so we can see in more detail this one. You say more active. Passive. Yes, we are using active passive group name is Haji Master and one is the primary. Fardella is the name of the father. It can be something else. It doesn’t mean that the primary means it has to be primary all the time. And Slive means secondary follow up.
So, the country is still not synchronized, showing in the message.
So, we are still waiting, let’s see, it’s still sinking. And let me refresh this one and maybe it’s not done on our take some time.
So, that’s where effort is still there to still be it. And let’s go back to the system and try to verify from there as well.
So, it’s still in process.
So, let’s wait for another one to many days have done, I think.
So, let me refresh now. Is your screen now.
So, is January 13 is just through this way, his master and this one is live. And also now go back to the old status. Now you will see that there is the second of security for what it is, a musical slave name, a security guard. And this is probably five to one. And here it will never it will be not anymore available on this one no more. This might be because it’s become collectors who don’t care about Garibaldi and only one file right now, like a one five one.
So, this is everything. But they will give every session to the other five to one.
So, let me generate some traffic from here is a from BTP and not let me see you now. I can go to Facebook from here, so and let me go to this one as well and let me go from here to Amazon.
So, the main traffic will go like this, where is the primary and it will go to Facebook the same. This will be go like this way, but they will give us a solution to this. And also there will be little to do it in. And let me assure you that we try to do so to start give Jill, because I give for three years a primary one link, remember? So, if I go there, you will see Fertik, which I show you here. If I go to the. This one either digeridoo zero eight zero four. Let’s see if they started, then you will see Alata broadcast. Look at broadcast eight eight nine zero eight eight nine zero eight eight nine one and eight 93. And you can see it and zero eight nine three and eight nine two. And it’s a ethem it. And if you checked on this one, any picture you can see, okay, that I’d be able to show you from the other place because this Etomidate type and these are the broadcast picking which I do for the virtual environment, you can make them unicast.
So, they are sending and receiving, sending and receiving the heartbeat using. We are connected with Krasker and they are using this ether type of radio to exchange the information with each other. I will show this IP, they are using this IP, I know this to link, but still they will get this IP and then interface. Let me go to primary one, two, three, four, eight something, eight men and one, two, three. And when the primary firewall and gate system hatches, there you will see the IP, the cluster work on 169 254 to IP 169 Boufal to 4.0 IP. Suicidality, yes, is a lot easier. What else to verify? So, now every station is passing to the first part. Why this one? And we can see the decision to go to get for The View and the station.
So, we went to Facebook, we went to Google, we went to all the traffic is here, one, two and one dark three. You see these are all in one or two. In one three, they appeared immediately through every gate and everything.
So, they visit there. And because we are using nature that one IP 1400 was translated into these these stations will be there as well. And the other five one.
So, I suppose if I’m doing or it up and down the main link.
So, what I need to do, I need a pen somewhere here.
So, let me take one out of here on the outside. Oh, let me take it out to connect outside. Suppose, I have a system like Google or anything, and because if I take a HHTTP, it will be destroyed after awhile.
So, I need HHTTP. I assist each other. Tenebrae using TCP and connected all the time so their practice can be done through other issues.
So, let me go to the doctor first. Okay. Maybe there is an external one of the interface e0 zero IP address due to be done. It will get IP automatically and also it will get through Gateway. Let’s see which IP they’re taking and why not give them our own gateway. And I do this line. We divide zero two for transport and put all and password one, two, three and what is called log in one one for the 233 IP. Should I be interface with this Delson IP? Laden is dead. Let me go from inside. Two outside entertainment. This is our disposition. Yeah, we Net is working on and I was okay, just not possible. 100 to 168 one one four d’Harcourt was the B two, three, one, two, one, three. Let me take the next one, two, three. And I in that I would love to get out there. And you can see from here who do said 192 168 one one four 100 because it’s showing the naked IP this IP hundred of this old Saadet. It’s okay but I did Sishen from inside and let me do continue being from this with. I know DCB organization is, but anyway, let’s try this one into it did not a continue being and now let’s go to down this far, one of the primary four villages primary firewall. This one, this the primary firewall idea and executed. Shut down. Yes. Yes. Do you think my administration will be disconnected or not? Because my traffic was going through the primary firewall. Inferentially, firewall is not anymore, so he’s don’t know. Let’s go to my station is still connected and let me enable on the road to enable so that I can do that on subcommanders will enable password. One, two, three, four, one is done and mine taking enable. Yes. And me the IP and I mean that through IP interface breve. Yes. Everything I can do I’m still in that. I hear what DCB station and the routing which I’m using firewall is done is great. But it never disconnected me because the traffic was going a for a while.
So, if I disconnect me it means a decision is being picked up by the other firewall. And if I log in to the Sanford police level broken, this will be the same IP. But now this time it will be a second intifada one. It will be written on the top security look and I see the name will never be changed. But secondary become now the primary firewall if I want to system and check Hitchen.
So, assuring me that with 50 priority I am in the master because nobody is here.
So, I people not getting. No, no, no, I will never change. Yes, I do need the management. I became ridgen if you want. When I was configuring. I told you you can reserve the management IP but this IP will be the same. Yeah, they will use only one IP, the primary firewall IP. Okay, yeah.
So, now when Mostert fifty and I’m taking care of our decision now what they want to station was existing. It is already here automatically in my station and I they’re taking care about this one this way and they were disconnected. It’s okay now my internet traffic is already here. Decide station I established before when Identified what was up and this one was the secondary one. And still I’m connected via and also bingo will be continued. I know Ping will not come on the VCP because this is another only just be sure that you understand the concept. I know dcb I need to dcb bestand rather than to icmp this. But anyway you get idea from here. Now the question is if the firewall came big that this one primary start again. For some reason we make them down our. Maintainers proposal for some other purpose, either temporarily is done. Now, the one came back. What do you think it will be primary again, either because they’re your priority. I think you have not been able to.
So, I do not. Yes, yes.
So, it will never.
So, let’s go to I will be my decision will be disconnected. Reality. Yeah. And on the right will be remain. Yes. Because the other will never take what I’ve gained.
So, let’s go to system and go to Etcher and let’s see. Okay, and if I was still not up.
So, let me refresh after a while the priority with the higher one will come back again. Let’s see.
So, it will take some time I think to a student body.
So, for a while. Okay, come up now it means one, two or three and it’s, you know, a. Okay, come up now look at with the highest priority. Studious little.
So, one thing is proof that you, if never firewall is a primary firewall and you give them higher priority and for some reason the firewall down and if it is up, it will never come as a primary again until and unless you enable preemption, which I did, and enabled preemption. Now, the question is from Bill to enable preemption. And there is nothing to consider. That’s why in 40 years, some of the things you have to go do CLIA.
So, what I need to go I need to go to for to get one, which is this one with and still years of slavery written slave.
So, what I need to do, I will go to conflict or reconfigure. And System Haeju, which means really availability that I want to configure the system and sit, all right, I just want to ask what are there regarding preemption? And I would say I want to enable it. And and now after awhile, you will see this will become again master and little free legal element. One, two, three. Now, it will be Log-in is a primary video game, but I am ready for what is the name of the final one. I can give them one and two as if one if two. But I give them the name, which is confusion anyway.
So, if I want to hit it again this time the primary firewall is to become master again because I am able to. Right. And this do what I command config system and secure. Right.
So, we check the system pick up, we check the firewall if one is done and unlimited is established connection.
So, the user will never be disconnected, routinely vilified and rejected. Every fight on board the firewall has to be the same case, the same same interface. You same what to do the same old thing. And then we check if the master file one with high priorities, don’t we next come back, it will be slim until and unless you enable the right room. And then we really find it. They are using each ending to exchange the information. One is is a backup.
So, right now they are using both three is a hitcher one and sending broadcast period, which is ether type ether. That is nothing like Boubakeur. And then I assure you that using 169 IP, which we check 169 is nothing but a people IP. These are the an active passive. Let me go, if I missed something for somebody, then let me quickly so we can figure out what name you can give them any name. Okay, then. You get an extra bessey, reconfigure them, we make them their BTP verification, you can bring in I show you the next session and we disable one firewall.
So, maybe one last part, ICMP, NAFDAC, DCB, and then we make them and you can modify this to go on to and preemption. That’s it. Yeah. That’s the only thing.