- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
Can standalone appliance have Fallback operations. Are there any limitations?
09/24/2020 
1 People found this article helpful
34,481 Views
Description
Do standalone appliance(s) support Fallback operations? If yes how many Appliances are needed to participate.
Resolution
Fallback Servers is an option for Customer who have two or more standalone appliance and want to have Connect Tunnel users be supported with Failover on event of Primary Device failing.
Note: This Option is hidden in 12.3 & 12.4 which would be deprecated in future version. As Customers are encouraged to Configure CMS/GTO to support more better features.
- SonicWall SMA1000 Supports Fallback Servers for Connect Tunnel not for any other access methods.
- On event of Primary appliance failure users would automatically Fallback to Secondary Server.
- User who have at least connected once to Primary device would be supported to Fallback to Secondary appliance on Event of failure.
How to Enable Fallback Server option on 12.3 or 12.4 . (This feature is hidden by Default on 12.3 or 12.4) & Configure Fallback Servers.
How to Enable CEM Value to unhide this option:
- Log in to AMC.
- Click on Maintenance in the left-hand navigation menu.
- In the URL, append "?advanced=1", and hit return.
- Click on Configure under the new section Configuration extensions.
- Click New
- For the Key field, put in: MGMT_FALLBACK_SERVERS
- For the Value field: true
- Click OK.
- Click Save.
- Apply Changes (Note This needs to be done on Primary Device . Appliance Service would restart and this might disconnect Connected VPN Users).
To specify a Fallback Server for Connect Tunnel users
- 1. Login to SMA 1000 Management Console-Select Network Settings
- 2. In the Tunnel Service area, click New
- 3. In the Fallback Servers area, click New.
- 4. Specify the Fallback Server by hostname or Ip address
- 5. In the Realm box you have two choices:
- Leave it blank: Whatever realm the user was logged in to before the primary server became unavailable is the same realm name that will be used on this particular Fallback server.
- Specify a realm: Force users to log into a particular realm when they connect to the server.
Fallback server setting don't replicate as part of policy replication. In a group of server that have designated Fallback server, each appliance has a unique list that should not be replicated on the other Servers (Appliances).
Related Articles
- How to secure Virtual Office portal from all external access
- NetExtender users fail to get connected throwing an Error Failed to get vpn protocol on firmware 10.2.1.2 or above due to misconfigured protocol
- Is SRA/SMA appliance vulnerable to CVE-2016-2183 and CVE-2016-5915?
Categories
- Secure Mobile Access > SMA 1000 Series > Connect Tunnel Client
- Secure Mobile Access > SMA 1000 Series > High Availability & Clustering
YES
NO