FG 7.2 AWS HA A/P single az

Forum|Forum|4 years ago
May 26, 2022
1 reply
973 views

we are running privately, so no EIP are associated with the LAN/WAN interfaces

so i created the M/S but when i create the HA the standby unit takes on the primary ip addresses of the master. when manual failover is initiated then traffic stops, the secondary ips and routes etc have been updated but i need to manually go onto the standby fortigate and change the ip addresses of the the LAN/WAN interfaces to what i originally set them to (different to the master primaries) before creating the HA.

If i then turn the master back online then the masters LAN/WAN interfaces are changed to that of the standbys, if i initiate a failover back to the master then again i need to change the ip addresses within the fortigate master to the primaries within AWS config and what i originally set :\

any ideas?

FortiGate

synthesister_pAuthor

Visitor III

i worked this out in the end, will post a write up in a week. documentation/diagram needs updating by fortigate

mainly was my not understanding that you must'nt use the interface as a reference for doing NAT etc and must use the secondary ips for everything and yes the backup unit does change its local to fortigate ips.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded