Fortigate – Configuring HA

This is a simple explanation of how to configure HA between two FortiGate units. If you are using physical devices, you need a network cable or cross-over cable to link the two devices. If you are using VMs, ensure they are on the same network or VLAN. Isolate the VLAN to avoid broadcasts. On the primary unit, here is an example of the configuration to apply:

  • config system ha
  • set group-name <name>
  • set hbdev port8 10
  • set priority 200
  • set password <password>
  • set group-id 89
  • set mode a-p
  • end

Secondary unit

  • config system ha
  • set group-name <name>
  • set hbdev port8 10
  • set priority 130
  • set password <password>
  • set group-id 89
  • set mode a-p
  • end

Notes:

Name – should be the same on both devices.

Priority – the primary device's priority should be higher than the secondary device's.

Password – entered in plain text when you set it up, but shown encrypted when you display the configuration.

Group-ID – Should be unique and the same on both devices in the cluster.

Apply the above on the primary first. Once the cluster is up and running, apply the configuration to the secondary or other units.
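
The notes above can be checked before the units are joined. The following is an added example, not part of the original post and not Fortinet tooling: it parses the "config system ha" block from each unit and compares the two against those notes. The sample values, the function names parse_ha and check_pair, and the rule that mode and hbdev must also match (they are identical in the example above) are assumptions.

```python
import re

# Constructed sample input: the page's config block with placeholder values filled in.
PRIMARY = """\
config system ha
    set group-name "lab-cluster"
    set hbdev "port8" 10
    set priority 200
    set password ENC constructed-placeholder
    set group-id 89
    set mode a-p
end
"""
SECONDARY = PRIMARY.replace("priority 200", "priority 130")

def parse_ha(text):
    """Return the 'set' lines of the 'config system ha' block as {key: value}."""
    settings, inside = {}, False
    for line in map(str.strip, text.splitlines()):
        if line == "config system ha":
            inside = True
        elif inside and line == "end":
            break
        elif inside and (m := re.match(r"set\s+(\S+)\s+(.*)", line)):
            settings[m.group(1)] = m.group(2).replace('"', "").strip()
    return settings

def check_pair(primary_text, secondary_text):
    """Compare two units' HA settings against the page's notes; return a list of problems."""
    p, s = parse_ha(primary_text), parse_ha(secondary_text)
    problems = []
    # group-name and group-id must match (page notes); mode and hbdev too (assumption).
    for key in ("group-name", "group-id", "mode", "hbdev"):
        if key not in p or key not in s:
            problems.append(f"{key}: missing on one unit")
        elif p[key] != s[key]:
            problems.append(f"{key}: primary={p[key]!r} secondary={s[key]!r}")
    # Password is skipped: the displayed value is encrypted, so it is not compared here.
    try:
        if int(p["priority"]) <= int(s["priority"]):
            problems.append("priority: primary is not higher than secondary")
    except (KeyError, ValueError):
        problems.append("priority: missing or not a number")
    return problems

if __name__ == "__main__":
    for problem in check_pair(PRIMARY, SECONDARY) or ["HA settings are consistent"]:
        print(problem)
```

Paste the HA section of each unit's configuration in place of PRIMARY and SECONDARY; an empty result means the pair agrees with the notes.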
