We had to do this last January and this was supposed to be a job that shouldn’t take more than an hour to complete but it took us a few hours due to the lack of documentation (our biggest issue was how to reset the firewall to factory defaults because no one knew the password for it, the person who originally configured the second firewall left a while back). SonicWALL no longer supports this product and it took us quite a bit of googling to finally find the information we needed. I made sure I documented everything we did and now I’m sharing it with you guys.

Prerequisites

• (2) SonicWALL PRO 230
• (3) Switches for the WAN/DMZ/LAN ports
• (6) CAT5 Cables for connecting the 2 firewalls to the switches
• (2) Static LAN IP addresses
• A backup of the Primary firewall’s settings
• Make sure that the Backup Firewall has not been previously configured for use (go to Tools->Restore Factory Default Settings). Also set the Password to password using the Password tabin the General section. ** If you cannot login to the backup firewall you will need to reset it to factory defaults by reloading the firmware. **

Resetting the SonicWALL PRO 230 to factory defaults by reloading the firmware (the following steps might also work with other models)

1. Turn off the firewall and unplug the power cord.
2. Use a paperclip to push the small button in front of the firewall and hold it for 15 seconds.
3. While the button is still pushed down, plug the power cord back in and turn on the firewall.
4. Wait another 15 seconds and release the button.
5. Turn off the firewall. The firmware should now be corrupted at this point.
6. Get a crossover cable and plug in one end into the LAN port of the firewall and the other end to your laptop/computer.
7. Change your laptop/computer’s IP Address to 192.168.168.200.
8. Open a web browser and go to http://192.168.168.168.
9. You should see a page asking you to upload the firmware for the SonicWALL (you can get it from SonicWALL’s website by logging in to your account). Upload the file (.bin) and the firewall will restart. Once it is back up it should now be back to factory defaults with an admin password of password.

Required Steps

1. Make sure both firewalls are off.
2. Connect both firewalls to the network.
3. Turn on the Primary Firewall and wait for diagnostics to complete.
4. Log in to the Primary Firewall (let’s pretend this IP is 192.168.0.1).
5. Click High Availability on the left
   1. High Availability Status (Primary SonicWALL):
      1. LAN IP Address: eg. 192.168.0.2 (make sure this is different from the IP you’re logged in to right now (ie. 192.168.0.1))
   2. High Availability Settings (Backup SonicWALL)
      1. Serial Number:
      2. LAN IP Adress: eg. 192.168.0.3
      3. Check Preempt Mode (to allow the Primary to take over when it comes back up)
      4. Heartbeat Interval: 5 seconds (lowest is 3)
      5. Failover Trigger Level: 3 missed heartbeats (Backup will take over if 2 heartbeats are missed)
      6. Active SonicWALL Detection Time: 0 seconds
6. Click Update.
7. Turn on the Backup Firewall (the Primary Firewall will detect its presence and synchronizes the settings).
8. Check the Primary Firewall log for a High Availability confirmation message.
9. Log in to the Backup Firewall (192.168.0.3) to confirm that it is the backup.

Testing the Configuration

• Turn off Primary and see if the Backup picks up.
• Turn Primary back on and see if it will take over.
• Make a note on how long it took to pick up and also check for network interruptions (it should pick up instantly).

Notes

• If everything is working, the Primary will be in active mode, and the backup will be in idle mode.
• When the Primary goes down, the backup will switch to active mode.
• When the backup takes over, it will have all the settings of the Primary including the Network settings so there is no need to change anything.
• The IP 192.168.0.1 will still be accessible to access the firewall that is currently active.