Add HA A/P FortiGate to FortiManager

Forum|Forum|6 months ago
November 30, 2025
1 reply
572 views

Hi,

I do have HA Active Passive FortiGate - Active and Running. Recently, I added a new FortiManager. Kindly guide how I can add FortiGate as an HA to FortiManager.

There is an option on FortiManager to add an HA Cluster. But that means that this is for a new deployment, and now I'm in production.

I followed the normal way to add a node from FortiManager - Add Primary IP - Then I noted that the Secondary became out of sync.

Kindly guide me to the correct way.

Best answer by AEK

Hi Saleem

Check this tech tip.

https://community.fortinet.com/t5/FortiManager/Technical-Tip-How-to-Manage-FortiGate-HA-Clusters-via/ta-p/396846

If I remember well when I do such integration I never use an HA dedicated management interface to connect to FMG, I always use an interface/IP which fails-over on cluster fail-over, (i.e. shared interface/IP), and this way you don't to add both nodes, you add only once. Also I think I've read such recommendation somewhere but I don't remember where. Anyway this always worked fine for me.

AEKAnswer

SuperUser

Hi Saleem

Check this tech tip.

https://community.fortinet.com/t5/FortiManager/Technical-Tip-How-to-Manage-FortiGate-HA-Clusters-via/ta-p/396846

If I remember well when I do such integration I never use an HA dedicated management interface to connect to FMG, I always use an interface/IP which fails-over on cluster fail-over, (i.e. shared interface/IP), and this way you don't to add both nodes, you add only once. Also I think I've read such recommendation somewhere but I don't remember where. Anyway this always worked fine for me.

AEK

osaleem2_10Author

Explorer III

thanks. I used the normal add device. And FortiManager was able to understand that they are HA.

as the document you shared. The manager communicates only with the primary.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded