HA FortiGate using internal switch for connecting to one ISP

Forum|Forum|4 years ago
June 15, 2022
1 reply
1725 views

Dear all,

I want to set two FortiGates in HA mode and I don't want to buy a switch for Internet connection, I want to use the feature "Software Switch" from the Interfaces menu. It is possible, did somebody do this before?

Practically, I will have a switch set with 2 interfaces assigned on first FortiGate, which is connected to the ISP. And from the same switch, I will connect the second Fortigate, on the wan interface. How can I set the first FortiGate to have internet access also? And if the first firewall is down, then the secondary is down also. So, I have to set the Software Switch, but I don't know how to link the first fw wan interface to the switch, where is the ISP connected. Just create Software Switch on fw1 and assign the wan IP address?

config system switch-interface
edit VswitchWAN
set type switch
set member wan, port1
end
config system interface
edit VswitchWAN
set ip 100.100.100.100
set allowaccess https ssh ping
end

This is enough?

FortiGate

A

Anonymous_User

Contributor

Hello @Galamij,

Thank you for posting on Fortinet Community Forum.

I have not seen such topology before. However, I would suggest taking references from the link below. Can you explain through a network diagram about your network?

https://docs.fortinet.com/document/fortigate/6.2.10/cookbook/900885/ha-active-passive-cluster-setup

Thanks,

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded