Set Up DNS Swing for PRA Failover Appliance Configuration
Change the DNS entry for your Privileged Remote Access site from the primary BeyondTrust Secure Remote Access Appliance IP address to the IP address of the backup appliance.
Configure Networking on the Appliances
Log into the /appliance administrative interface for your primary appliance, accessible from either its unique hostname or IP address (e.g., https://site1. example.com/appliance or https://188.8.131.52/appliance).
Because DNS directs the site domain, access.example.com, to this IP address, this is the primary appliance. All session activity will occur on this appliance.
Log into the /appliance administrative interface for your backup appliance, accessible from either its unique hostname or IP address (e.g., https:// site2. example.com/appliance or https://184.108.40.206/appliance).
Go to the Networking > IP Configuration page. If you have not already configured your static IP, click Add New IP and enter the static IP and subnet mask, making sure to keep this IP Enabled. Then click Save Changes.
In the event that you encounter a potential failover situation, try to reserve failing over as an absolute last resort. If the primary appliance, Appliance A, is down, it is often quicker and has less of an impact to bring it back up rather than failing over to the backup appliance, Appliance B.
To fail over, access the DNS controller and locate the DNS entry for your Privileged Remote Access site (e.g., access.example.com). Edit the entry to point to the backup IP. Click Become Primary from the backup appliance Failover page. Once the DNS entry has propagated, you can resume normal activity. All requests to your site will be served by the backup appliance. Exact methods for achieving this task vary depending on your DNS provider and software, so consult your DNS documentation for exact steps to do this.
Example DNS Swing Configuration
|Primary Appliance||Backup Appliance|
|Definition||The appliance used during normal operations.||The appliance used during failover operations.|
|Site Name||access.example.com (220.127.116.11 or 18.104.22.168 as determined by DNS Server setting)|