Specifies a name to identify the cluster.

Configuration Settings

Select this option to run a cluster pair in active/passive mode. Then, specify an internal VIP (virtual IP address) and an external VIP if the external port is enabled.

Select this option to run a cluster pair in active/active mode. Active/Active runs a cluster of two or more nodes in active/active mode using an external load balancer.

To change a two-unit active/passive cluster to an active/active cluster with more than two nodes, first change the configuration of the two-unit cluster to active/active and then add the additional nodes.

Synchronization Settings

Select this option to propagate all log messages among the devices in the cluster.

User/Session Synchronization

Select this option to disable synchronization of session data and to replicate only configuration data and user records (for example, web bookmarks, NFS and windows shared files, terminal servers, telnet sessions, SAM, preferences, and passwords).

Enabling this option limits data transfers between the cluster nodes. User and Session specific limits are only enforced on the node and not across the cluster.

Select this option to synchronize all user session information (for example, instances of access to intranet services) among all the devices in the cluster.

Select this option to propagate the latest user access information across the cluster.

If you configure your cluster as active/passive, the Synchronize user sessions and Synchronize last access time for user sessions options are automatically selected.

If you select both Synchronize log messages and Synchronize user sessions check boxes, everything is replicated on the cluster nodes, including networking information. Even though networking information, including syslog and SNMP settings, can be configured per node or per cluster, all of the networking information is synchronized between nodes when these two options are set.

If your cluster node configurations diverge because of changes made to one node while another is disabled or unavailable, the system manages the remerging of the configurations automatically, for up to 16 updates. Beyond the maximum number of allowable updates, you might need to intervene and remerge the configurations manually. In some instances, the system might be unable to remerge the configurations if there is not enough overlapping configuration information between two nodes to manage the internode communication.

For example, for a two-node cluster in which the two nodes are partitioned from each other because of a network outage, if the internal network IP address of one of the nodes changes in one of the partitions, the two partitions are unable to rejoin, even when the network is repaired. In such a case, you must remerge the configurations manually.

Network Healthcheck Settings

Specify the number of ARP ping failures allowed before the internal interface is disabled.

Select this option to disable the external interface of the device if the internal interface fails.

Advanced Settings

Select the Advanced Settings check box to specify the timeouts for the underlying cluster system. Do not change any values under this setting unless instructed to do so by Ivanti Technical Support.

Select the appropriate network type. Network type selection controls the timeouts used by the underlying cluster system. Change this value only when you observe repeated cluster partitions that may be related to long network delays or significant load in any of the cluster nodes.

A non-default network type cannot be used in conjunction with non-default timeout multipliers. If a non-default network type is picked, the timeout multiplier will silently get reset to the default value.

Default cluster timeouts have been picked to be optimal for typical cluster installations. Administrators have the ability to adjust the cluster timeouts over a linear scale of 1-20. Smaller timeouts result in faster failure detection. Larger timeouts minimize the risk of cluster splits during transient network glitches. The system can be instructed to pick a reasonable default for the current cluster configuration by specifying a value of 0.

A non-default timeout multiplier can only be used in conjunction with the default network type. If a non-default network type is picked, the timeout multiplier will silently get reset to the default value.

Verifying the configuration on System > Clustering > Cluster Status page.

Displays the cluster name, type, configuration, internal VIP, and external VIP for an active/passive cluster.

Click this button to specify a node you intend to add to the cluster. You can add multiple nodes at the same time.

Click this button to add a node that was previously disabled. When you add a node, all state information is synchronized on the node.

Click this button to disable a node within the cluster. The node retains awareness of the cluster but does not participate in state synchronizations or receive user requests unless members sign in to the node, directly.

Click this button to remove the selected node or nodes from the cluster. After removal, the node runs in standalone mode.

Click this button to failover the VIP to the other node in the active/passive cluster. Only available if cluster is configured as active/passive.

Lists all nodes belonging to the cluster. You can click on a node's name to modify its name and network settings.

Shows the internal IP address of the cluster member using Classless Interdomain Routing (CIDR) notation.

Shows the external IP address of the cluster member using CIDR notation. Note that this column shows only the external IP address of the cluster leader unless you specify a different address for the node on its individual network settings page, which is accessible by clicking its name in the Member Name column. If you change the external IP address on the Network > Network Settings page, the change affects all cluster nodes.

Shows the current state of the node:

•Green light, Leader - The node is the active member of an active/active cluster and is handling user requests.

•Green light/enabled - The node is handling user requests and participating in cluster synchronization.

•Yellow light/transitioning - The node is joining the cluster.

•Red light/disabled - The node is not handling user requests or participating in cluster synchronization.

•Red light/enabled, unreachable - The node is enabled but because of a network issue, it cannot be reached.

A node's state is considered standalone when it is deployed outside of a cluster or after being removed from a cluster.

Shows the status of the node's connection to the cluster:

•OK - The node is actively participating in the cluster.

•Transitioning - The node is switching from the standalone state to the enabled state.

•Unreachable - The node is not aware of the cluster. A cluster member might be unreachable even when it's online and can be pinged. Possible reasons include: its password is incorrect, it doesn't have information about all cluster nodes, it's configured with a different group communication mode, it is running a different service package version, or the machine is turned off.

Specifies the synchronization order for nodes when a node rejoins a cluster. Accepts sync ranks from 0 (lowest rank) to 255 (highest rank). The highest rank takes precedence. If two nodes have identical sync ranks, the alphanumeric rank of the member name is used to determine precedence.