You are here: Pulse Connect Secure > Pulse Connect Secure Administration Guide > System Management > Clustering > Deploying an Active/Active Cluster > Configuring an Active/Active Cluster

Configuring an Active/Active Cluster

You use the primary node admin GUI to create the cluster and add members. The primary node is added as part of the cluster creation operation. When you add members, you are prompted for settings unique to the member, such as the name and IP address configuration for the internal and external interfaces. A few additional settings are also unique, namely the management port and VLAN port settings, so you add these manually after the add node procedure that follows, but before the join cluster operation.

To create a cluster and add members:

  1. Select System > Clustering > Create Cluster and enter a name for the cluster, a cluster password, and a name for this node, such as Node-X.

    You need to enter the password again when specifying additional nodes to join the cluster. All nodes in the cluster use this password to communicate.

    Figure 230 shows the Create New Cluster page for Pulse Connect Secure.

    Figure 230: Create New Cluster Page

  1. Click Create Cluster. When prompted to confirm the cluster creation, click Create. After the device initializes the cluster, the Clustering page displays the Status and Properties tabs.
  2. Click Properties.

    Figure 231 shows the Clustering page for Connect Secure.

    Figure 231: Clustering Page– Active/Active Configuration

  1. Select Active/Active configuration and complete the configuration as described in Table 170. Active/Active configuration is selected by default.

    Table 171: Clustering Property Settings

Settings

Guidelines

Cluster Name

Specifies a name to identify the cluster.

Configuration Settings

Active/Passive configuration

Select this option to run a cluster pair in active/passive mode. Then, specify an internal VIP (virtual IP address) and an external VIP if the external port is enabled.

Active/Active configuration

(Default) Select this option to run a cluster pair in active/active mode. Active/Active runs a cluster of two or more nodes in active/active mode using an external load balancer.

NOTE: To change a two-unit active/passive cluster to an active/active cluster with more than two nodes, first change the configuration of the two-unit cluster to active/active and then add the additional nodes.

Synchronization Settings

Synchronize log messages

Select this option to propagate all log messages among the devices in the cluster.

User/Session Synchronization

Configuration only cluster

Select this option to

Synchronize user sessions

Select this option to synchronize all user session information (for example, instances of access to intranet services) among all the devices in the cluster.

Synchronize last access time for user sessions

Select this option to propagate the latest user access information across the cluster.

NOTE:

  • If you select both Synchronize log messages and Synchronize user sessions check boxes, everything is replicated on the cluster nodes, including networking information. Even though networking information, including syslog and SNMP settings, can be configured per node or per cluster, all of the networking information is synchronized between nodes when these two options are set.
  • If your cluster node configurations diverge because of changes made to one node while another is disabled or unavailable, the system manages the remerging of the configurations automatically, for up to 16 updates. Beyond the maximum number of allowable updates, you might need to intervene and remerge the configurations manually. In some instances, the system might be unable to remerge the configurations if there is not enough overlapping configuration information between two nodes to manage the internode communication.

For example, for a two-node cluster in which the two nodes are partitioned from each other because of a network outage, if the internal network IP address of one of the nodes changes in one of the partitions, the two partitions are unable to rejoin, even when the network is repaired. In such a case, you must remerge the configurations manually.

Network Healthcheck Settings

Number of ARP Ping Failures

Specify the number of ARP ping failures allowed before the internal interface is disabled.

Disable external interface when internal interface fails

Select this option to disable the external interface of the device if the internal interface fails.

Advanced Settings

 

Select the Advanced Settings check box to specify the timeouts for the underlying cluster system. Do not change any values under this setting unless instructed to do so by Pulse Secure Technical Support.

  1. Click Save Changes.
  2. Click Add Members to specify additional cluster nodes.