FortiGate-VM on AWS Technical Learning
aallisonftnt
Staff

FortiGate-VM for AWS offers high availability (HA) and a variety of security features to protect your workloads on AWS.

High Availability (HA) can be set up in two ways:

  • Active/Passive: If the main firewall fails, a secondary one automatically takes over.
  • Active/Active: Traffic is distributed between multiple firewalls for redundancy.

Security Features:

  • Protects against threats with stateful inspection and security features.
  • IPS technology safeguards against network-level threats.
  • Docker application control secures containerized environments. 

The following topics provide an overview of different HA configurations when using FortiGate-VM for AWS.

2 Comments
rupert5646
New Contributor

I have followed the Deploying FortiGate-VM A-P on AWS within one zone and I cannot get HA to fully work.  I think there is something missing from the IAM role.  What must the IAM role contain?

The FortiGates fail over but the Public IP assigned to the secondary private IP is never reachable.

Gallego
Staff

Hi Rupert, this is an example of a policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "ec2:Describe*",
                "ec2:AssociateAddress",
                "ec2:AssignPrivateIpAddresses",
                "ec2:UnassignPrivateIpAddresses",
                "ec2:ReplaceRoute"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}
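
One way to check which actions from the example policy above a role's own policy document does not grant, as an added example that is not part of the original thread or Fortinet's code. The names missing_actions, REFERENCE_ACTIONS and SAMPLE_POLICY are hypothetical, and the sample policy is constructed for illustration.

```python
from fnmatch import fnmatchcase

# Actions copied from the example policy in the reply above.
REFERENCE_ACTIONS = [
    "ec2:Describe*", "ec2:AssociateAddress", "ec2:AssignPrivateIpAddresses",
    "ec2:UnassignPrivateIpAddresses", "ec2:ReplaceRoute",
]

def _as_list(value):
    """IAM accepts a single string or object where a list is usual."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _patterns(policy, effect):
    """Lower-cased Action patterns from statements with the given Effect."""
    return [a.lower()
            for stmt in _as_list(policy.get("Statement"))
            if stmt.get("Effect") == effect
            for a in _as_list(stmt.get("Action"))]

def missing_actions(policy, required=REFERENCE_ACTIONS):
    """Return the required actions that no Allow grants or that a Deny covers.
    Simplification: Resource, Condition and NotAction are not evaluated, and a
    required wildcard such as ec2:Describe* is compared as a literal string.
    """
    allow, deny = _patterns(policy, "Allow"), _patterns(policy, "Deny")
    missing = []
    for action in required:
        name = action.lower()  # IAM action names are case-insensitive
        allowed = any(fnmatchcase(name, p) for p in allow)
        denied = any(fnmatchcase(name, p) for p in deny)
        if denied or not allowed:
            missing.append(action)
    return missing

# Constructed sample: a role policy without the address and route actions.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": {  # a single statement object instead of a list
        "Effect": "Allow",
        "Action": ["ec2:Describe*", "ec2:AssignPrivateIpAddresses",
                   "ec2:UnassignPrivateIpAddresses"],
        "Resource": "*",
    },
}

if __name__ == "__main__":
    print(missing_actions(SAMPLE_POLICY))
```

An empty list means every action from the example policy is matched by an Allow statement; it does not show that resource or condition constraints on the role also permit the call.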