I am currenlty migrating from checkpoint 3200 ha with smart console to dual 200f fortigates, my questions, when applying the ip's to the interfaces on the forti,
checkpoint gw 1
mgmt: 192.168.x.253/24
port 1: 10.76.x.148/24
port 2: 4.36.x.70/29 (wan)
port 3: 172.16.x.2/24
port 4: 70.91.x.80/29 (secondary wan)
port 5: 1.1.1.1/24
checkpoint gw 2
mgmt: 192.168.x.254/24
port 1: 10.76.x.149/24
port 2: 4.36.x.71/29 (wan)
port 3: 172.16.x.3/24
port 4: 70.91.x.81/29 (secondary wan)
port 5: 1.1.1.1/24
Very new to fortinet and trying to learn this instead of using forticonverter. I tried kind of setting this up on the forti but it didn't work properly, we currently have 5 static ip's on both of our isp providers, when I configure the ha on my fortigates, they both seem to be taking the same management ip and I have to manually go in and change it to gain access back to the gui. Just trying to see where I need to start, thanks in advace.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @jmart1191,
For FortiGate in HA, you only need to configure the primary unit and it will synchronize with the secondary. You don't need to assign static IP to the secondary.
For managment interface, please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-HA-Reserved-Management-Interface/ta-p/1901...
Regards,
Hello jmart1191,
In order to configure the interface IP address on your FortiGate 200F units to align with the IP addresses used by your Checkpoint gateways and resolve the management IP conflict issue during HA setup, please follow these steps:
Assigning IP addresses to FortiGate interfaces:
1. Access the FortiGate CLI or GUI interface.
2. Configure the interfaces on each FortiGate unit with the corresponding IP addresses according to your Checkpoint gateways.
3. Ensure each interface is correctly assigned to the appropriate subnet and VLAN if applicable.
For detailed interface settings, refer to the below link:
https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/574723/interface-settings
Resolving the Management IP Conflict:
1. During HA setup, ensure that each FortiGate unit has a unique management IP address to prevent conflicts.
2. Manually assign distinct management IPs to each FortiGate unit before enabling HA.
3. Verify that the HA configuration does not overwrite the management IP settings.
For managing out-of-band with reserved management interfaces, refer to:
https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/313152/out-of-band-managemen...
For in-band management options, refer to:
https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/251230/in-band-management
Hi @jmart1191,
For FortiGate in HA, you only need to configure the primary unit and it will synchronize with the secondary. You don't need to assign static IP to the secondary.
For managment interface, please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-HA-Reserved-Management-Interface/ta-p/1901...
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1545 | |
1030 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.