Skip to main content
Umesh
Umesh
Explorer II
May 20, 2022
Question

Fortinet HA configuration ( Active - Passive )

  • May 20, 2022
  • 3 replies
  • 1635 views

Hi All,

 

Please give me two minutes whether what I have configured for the ha cluster is good or not as I am new to Fortinet.

Please go through the below snapshot once. I would like to also tell what I have configured is working fine as per my knowledge. kindly share your comment on it.

HA_1.JPG

 

Thanks & Regards,

Umesh Prajapati

India

3 replies

aahmadzada
Staff
aahmadzada
Staff
May 20, 2022

1. Suggestion to configure interface monitoring under HA settings- that will allow you to failover if one of the monitored interfaces goes down for any reason.

2. Also configure Remote link monitoring:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/252877/remote-link-failover


Ahmad

jintrah_FTNT
Staff
jintrah_FTNT
Staff
May 20, 2022

Hi Umesh,

 

Setup looks good to me, you may want to add additional heartbeat port (if any free available port exist on device) for better redundancy.

 

Best regards,

Jin

 

AEK
SuperUser
AEK
SuperUser
May 20, 2022

Agree with Jintrah to add secondary heartbeat, in case one breaks you avoid to have useless split brain.

Optionally you can add monitored interfaces in case you have critical links, e.g. if the primary FGT lost port4 link, the secondary FGT takes over, this will guarantee that your app server is always reachable even if the port4 link breaks on primary FGT.

AEK
Terms & ConditionsAccessibility statement