Activate the Secure SD-WAN Engine configuration after converting a Single Engine to a Engine Cluster

You must activate the new configuration to finish converting a Single Engine element to a Engine Cluster element.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. If any external device uses the engine as a default gateway or VPN endpoint and the previously used IP address is converted to an NDI, reconfigure the external equipment to reference a CVI address.
  2. Run the Secure SD-WAN Configuration Wizard on the command line (sg-reconfigure) or in a web browser.
  3. Make sure the interface IDs are mapped to the correct network ports on the hardware.
  4. Make initial contact between the Secure SD-WAN Engine nodes and the Management Server.
    Install and configure any new Secure SD-WAN Engine nodes as part of the cluster in the same way as in a new installation. See the Forcepoint FlexEdge Secure SD-WAN Installation Guide.
  5. Install the policy on the cluster.

    If any new nodes have not yet been initialized, set the inactive nodes to disabled before you refresh the policy of the existing node. Otherwise, the policy installation fails due to a lack of connectivity to all nodes.

Next steps

If there are problems with the clustered configuration, you can return to single-node operation. To do so, command one node offline through the right-click menu or through the command line.