Remove a High Availability Pair
You can unregister the pair from the management center, which keeps the High Availability pair intact. You might want to unregister the pair if you want to register it to a new management center or if the management center can no longer reach the pair.
Unregistering a High Availability pair:
-
Severs all communication between the management center and the pair.
-
Removes the pair from the Device Management page.
-
Returns the pair to local time management if the pair's platform settings policy is configured to receive time from the management center using NTP.
-
Leaves the configuration intact, so the pair continues to process traffic.
Policies, such as NAT and VPN, ACLs, and the interface configurations remain intact.
Registering the pair again to the same or a different management center causes the configuration to be removed, so the pair will stop processing traffic at that point; the High Availability configuration remains intact so you can add the pair as a whole. You can choose an access control policy at registration, but you will have to re-apply other policies after registration and then deploy the configuration before it will process traffic again.
Before you begin
-
This procedure requires CLI access to the primary unit.
Procedure
Step 1 | Log into Security Cloud Control and click Inventory. |
Step 2 | Click the FTD tab and locate the High Availability pair you want to unregister. Select it so the device row is highlighted. |
Step 3 | In the Device Actions pane located to the right, click Remove. |
Step 4 | When prompted, select OK to confirm the removal of the selected device. |