High Availability (HA) cannot be configured until the Partner Shared Secret is set.

The Partner Shared Secret is required to secure communications between partner devices and must be enabled on all HA partners, all LoadMasters in a cluster, and all GEO partners. The Partner Shared Secret must be the same on:
  • Both units in a HA setup
  • All units in a LoadMaster cluster
  • All GEO partners
  • All remote GEO machines that retrieve Virtual Services from this device

When an incoming shared secret does not match the local Partner Shared Secret (including if only one side is providing a shared secret), a warn-level log message is recorded that says Unauthorized Remote Machine connection from <ClientIPAddress> and the connection fails.

You can find this secret in the following locations:
  • Regular/shared Web User Interface (WUI): Certificates & Security > Remote Access
  • Local WUI (of a configured HA or cluster unit): Local Administration > Remote Access

You can also set the Partner Shared Secret using the RESTful API (using the setlmcommsecret command) or the PowerShell API (using the Set-LmCommSecret command). For further details, refer to the API documentation on the LoadMaster GA documentation page.

This secret must have a minimum of 8 and a maximum of 127 characters. The following characters are supported:
  • Numeric: 0-9
  • Uppercase alphabetic: A-Z
  • Lowercase alphabetic: a-z
  • Special characters: !"#$%&()*+,-./:;<=>?[\~]^_@`{|}

If you try to set up HA and the Partner Shared Secret has not been set, a pop-up message appears saying you need to set the secret. When you click OK, you are brought to the Remote Access screen to set the secret.