Establish the Primary/Backup Failover Relationship Between Two Appliances

Failover Page Configuation

BeyondTrust failover enables synchronization of data between two appliances, creating a simplified, two-way process, regardless of which failover configuration you choose. Automatic synchronization of data can be enabled for any of the three supported failover configuration methods. To start automatically synchronizing site data between two appliances, you must first establish a trusted relationship between them. On the appliance you intend to be primary, go to /login > Management > Failover.

To configure a valid connection, both appliances must have identical Inter-Appliance keys. Please see the /login > Management > Security page to verify the key for each appliance.

Establishing the relationship between the two appliances occurs on the Failover page of the appliance intended to be the primary appliance. The addresses that are entered here will establish the relationship and allow either appliance to connect to each other at any time. The fields on this page called New Backup Site Connection Details tell the primary appliance how to connect to the appliance that will become the backup appliance. The fields called Reverse Connection Details to this Primary Site will be given to the backup appliance and tell it how to connect back to this primary appliance. You must use a valid hostname or IP address and the TLS port number for these fields. When all of these fields are set, click the Establish Relationship button to attempt to establish the relationship.

Whenever possible, BeyondTrust recommends using the unique IP address of each appliance when configuring these settings.

Failover Status
 Backup Site Instance Status
Backup Site Instance Configuration
Backup Settings

Once the relationship has been established, extraneous tabs will be removed from the backup site. It takes about 60 seconds for the first data synchronization to initiate, but you may also click the Sync Now button to force synchronization and pull the most current information from the primary appliance into the memory of the backup appliance. Synchronization itself may take anywhere from a few seconds to a few hours, depending on the amount of data that needs to be synchronized. The Failover page will list the last date and time of data synchronization when synchronization is completed.

Failover synchronization syncs all user accounts, all /login configuration settings, files in the file store, logs, and recordings. All of this information which exists on the backup appliance will be overwritten by that which resides on the primary appliance. If the primary appliance is the master node in an Atlas cluster, the backup appliance will automatically become the new backup master node in this cluster.

You can disable synchronization, although this is recommended only in rare cases.

For more information, please see the best practices section, Establish Failover Settings for Primary and Backup Environments.

If you want to break the relationship so that this appliance no longer backs up any primary appliances, click the Break Failover Relationships button. This will not remove configuration settings and session data already synchronized.

After failover is configured, the primary appliance can send an email alert if no backup appliance pulls its data for a given length of time. This allows you to be aware if relationships have been disrupted. To activate this alert email, enter connection parameters for a working SMTP server on the primary appliance's /login > Management > Email Configuration page. The next synchronization will copy the settings to the backup.

If the backup appliance determines that the primary appliance is down, it will send a series of emails to the Secure Remote Access Appliance administrator notifying them of the failure and counting down the time until automatic failover will occur. The backup appliance will attempt to reach the primary for the length of time specified by the Primary Site Instance Timeout. If it is unable to reach the primary during this time, then the backup will enable the shared IP and will assume the role of primary if automatic shared IP failover is configured; otherwise, you must configure failover manually. As soon as the switch is made, you can resume normal support activity. All requests to your support site will be served by the backup appliance.

In order to use BeyondTrust's built-in automatic failover, your two appliances must be on the same subnet. If you wish to use automatic failover with appliances on different networks, you must use the failover API.

In the Failover :: Backup Settings section, set frequency of backup. Remember to set the backup frequency on the primary and backup since these settings are independent.

For more information, please see Establish Failover Settings for Primary and Backup Environments.