It may be necessary to failover a high availability firewall pair for troubleshooting or maintenance purposes. To do this on a Juniper SSG# login to the master firewall through SSH and issue the following command:
exec nsrp vsd-group 0 mode backup

To confirm this was successful check the logs on the new master firewall. There should be an entry that looks similar to this:
Peer device 5303936 in the Virtual Security Device group 0 changed state from primary backup to master.

Leave a Reply