Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-28-2018 12:21 AM Edited on ‎09-26-2024 12:41 AM By Community Manager

Article Id 195547

Technical Tip: Reboot Control and Application Servers Configured for High Availability

Description

 
This article describes a procedure that reboots appliances in a Control Server/Application Server pair configured for High Availability (HA) without causing a failover.
 
Note the following:
  • The steps outlined are for accessing appliances via CLI. If CLI access is not available, contact support for assistance. 
  • To reboot using the Administration UI, refer to the Power management section of the Administration Guide in the Fortinet Document Library.
  • During this process, all management functionality is stopped:
    • VLAN switching.
    • Captive Portal pages.
    • RADIUS processing.
    • Registration of endpoints.

Scope

 

FortiNAC.


Solution

 

Important:  If L2 HA configuration, do not access CLI using the Virtual IP (VIP). The VIP becomes inaccessible once the control process is stopped.


Gracefully Shut Down Processes on All Servers.
 
  1. Shut down control process in Primary Servers. In Primary Control Server CLI type:

    shutdownNAC

  2. Wait 30 seconds. This shuts down control processes for both Primary Control and Application Servers.

  3. To verify Control Process 'Yams' is no longer running, run the following command in Control Server and Application Server CLI:

    jps

  4. Shut down Management process. In each server CLI type:

    shutdownNAC -kill

    Reboot Appliances.

  5. In Primary Application Server CLI type:

    reboot

  6. Wait 30 seconds.

  7. In Primary Control Server CLI type:

    reboot

  8. Wait until the Primary Control and Application Servers are up and running (by confirming SSH access and Administration UI access). The startup could take anywhere between roughly 5-10 minutes. Suggest waiting that long before attempting to access the UI.

  9. In Secondary Application Server CLI type:

    reboot

  10. In the Secondary Control Server CLI type:

    reboot

  11. After 4-5 minutes, confirm that the Administration UI dashboard shows all servers up. The Primary Server(s) should be in control and display the following status:

    Primary Servers: Running - In Control
    Secondary Servers: Running - Not In Control

On FortiNAC-F the above commands needs to be executed on shell using the following command:

execute enter-shell
$shutdownNAC
$shutdownNAC -kill
$reboot
 
Related documents:

Technical Note: How to reboot Control and Application servers via CLI
Guide: CLI reference manual 

Labels:
2823
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.