DescriptionThis article describes different scenarios that triggers failover on FortiNAC.SolutionTriggering failover on FortiNAC can be achieved by one of the below scenarios:
Scenario 1. Network loss: Disconnect the eth0 interface of the Primary Server or admin down the switch port .
Scenario 2. Cold shutdown: unplug power cable from the box or if it is a VMware machine right select the VM Power, Power off (DO NOT select Guest Shutdown because it will not trigger failover).
Scenario 3. Management processes down: In the Primary Server CLI, stop the management process without idling the Control process. Type -> shutdownNAC -kill
Open SSH session to the Secondary Server and begin tailing the processManager log.
- logs
- tf output.processManager
The Secondary Server regularly attempts to poll the status of its corresponding Primary Server every 30 seconds.
If the Primary Server does not respond after 5 consecutive attempts (or the number defined by the Ping Retry Count), the Secondary Server will attempt to take control.
Failover is complete once the appropriate Secondary Server(s) taking control display status (Slave) Slave In Control Idle(false).
This can take several minutes.
In scenario 3 to startup the service again on the primary type -> startupNAC.
In the three scenarios, it is necessary to manually resume control on to the primary by selecting on Dashboard -> Main, scroll to the Summary panel and select the 'Resume Control' button.
Check page 21 in the below High availability guide:
