Redundant Interface and HA design

Forum|Forum|4 years ago
July 12, 2021
1 reply
4489 views

Hi,

i would like to ask about FortiGate redundant interfaces.

I noticed that FortiGate redundant interface can use for link failover.

So i consider the HA design without using switch between firewalls.

i create redundant interfaces on DB tier firewall to connect to APP tier firewall. I create redundant interfaces on APP tier firewall to connect web tier firewall. Link monitor for HA in Web tier is WAN and LAN interface. Link monitor for HA in APP Tier is LAN interface. Link monitor for HA in DB tier is WAN and LAN interface

Please see the blew picture.

I only worry if firewall redundant interfaces are directly connected to firewall without connect to switch ,the HA and redundancy will work properly ?

Please let me know any concern on my design ?

forum.jpg

lobstercreed

New Member

TIL about redundant interfaces (i.e. NOT 802.3 aggregates) on FortiOS. I didn't even know that was a thing and thought maybe you were talking about an aggregate (which would not work this way), but yes from what I read it looks like this should work. Please do let us know your results.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded