IBM Support

QRadar: How to enable two IPs on an HA Pair that do not fail over during the HA failover process

Troubleshooting


Problem

This technote addresses configuration, where separate IP addresses are needed for firewalled VLANs and segments to be used for managed services, accesses or various other needs.

Resolving The Problem

To resolve the issue, follow these are the steps to enable the separate IP addresses:

Before you begin: This configuration assumes the IP addresses being configured are on a completely separate sub network than your management interface.

  1. Log in to the QRadar User Interface as an Admin.
  2. Click Admin tab > click System and License Management Icon.

  3. In the host table, find the HA Pair where the IP addresses are needed and highlight the Active System.
  4. Right-click and select View and Manage System.

  5. Click Network Interfaces tab and then select one of the available Ethernet devices to configure.

  6. Click Edit.
  7. Select Role: Regular, and then provide the IP address and Subnet.

  8. Uncheck Apply this interface configuration and IP address to the active HA node.
  9. Click Save and close out of the View and Manage System.
  10. Highlight the other node in the pair.
  11. Right-click and select View and Manage System.
  12. Please follow steps 4 - 7 making sure that you have unchecked Apply this interface configuration and IP address to the active HA node if presented with that option.

Note: Should you encounter issues displaying the Firewall or Network Interfaces tab of the non-active partner within the HA pair, you might have use the steps in Troubleshooting the Configuration:

Troubleshooting the Configuration
  1. Toggle the Primary Offline.
  2. Verify the Secondary is now Online and is Active.
  3. Toggle the Primary Online and set from Offline to Standby.
  4. Update the Secondary Configuration.
    1. Log in to QRadar UI > click Admin Tab,
    2. Select Systems and License Management.
    3. Locate HA pair to modify the configuration.
    4. Select the Active Secondary host.
    5. Right-clicking and select View and Manage System.
    6. Click Network Interfaces tab.
    7. Once the interface has been chosen, uncheck the Apply this interface configuration and IP address to the active HA node.
    8. Update the IP address.
    9. Click Save.
  5. After saving the configuration, use an SSH session to log in to the Secondary host. Validate the interface is active and that the IP is assigned.
  6. Toggle the Secondary Offline.
  7. In System and License management, Verify the Primary is now Online and is Active.
  8. Toggle the Secondary Online and set from Offline to Standby.

Results: You now have your VLAN configured.


Where do you find more information?



[{"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"High Availability","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.2;7.3","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg22001408

Page Feedback