In this document we will see something fundamental in environments where we must have a system always available, where NetScaler is the main element by having several balanced and protected external services. In this case, we will see how to configure an HA or a NetScaler cluster so that under no circumstances can we drop the services that we publish with our appliances.

In principle, we will configure one of the two NS as primary and the other as secondary that will monitor the main one, In the event of a first node crash, the latter would be activated instantly to provide service. To set it up, it will be enough to have the second NS on the same network as the first to add it, Anyway here We have all the official information in case you need more info depending on each scenario.

The first thing we will do, will be to go to “System” > “High Availability” > “Nodes” and we'll add the second NetScaler that we'll have set up in a basic way, Click on “Add…”,

We add the second Netscaler, we add your PIN, Mark “Configure remote system to participate in High Availability setup” & “OK”,

After a few seconds it will indicate that the High Availability configuration has been correctly enabled in our NS.

We confirm that we have both systems in the tab 'Nodes’ within the HA.

When we connect to the second NetScaler it will already indicate with a warning that we will not be able to apply changes from it, we must do it from the main NS and this in principle we will not manage it.

We will see from the IP's associated with this NS cluster that maintains the PIN of the main NS in addition to the SIP or MIP, and of course the VIPs that we have already defined for other services. We'll save the setup!

We will be able to test the NS balancing from “System” > “High Availability” > “Nodes”, we select the node we want to put as the main NetScaler and indicate “Force Failover…”.

“Yes”, It tells us that the normal thing will be to balance them by command line so as not to lose connectivity with the management.

And that's it! Click on accept, we have set up a simple HA system between two NetScalers that will always provide uninterrupted service!!!

Eye, that one of the problems that I have been able to detect when doing the Failover is that the VIPs are left in a 'down' state, and it is because the certificates are lost!! We will have to recreate them in such a case from “SSL” > “Certificates” > “Install” and install them as usual by indicating the name of the certificate in 'Certificate-Key Pair Name'; Later we will indicate the certificate, it is usually the .cer or .crt in Certificate File Name'; as well as the private key, usually the .key on 'Private Key File Name’ and finally the password in 'Password’ in addition to normally indicating 'PEM’ in the certificate format.