Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jomof
Contributor

Created on ‎05-26-2024 11:49 AM

Configuring new deliciated HA heartbeat for Redundancy.

 

Hello Expert,

 

I have two 400E in a HA cluster .

We use the default HA ports for Heartbeat interface but had to add redundancy using the lan port.(BR_DATA port8After reviewing numerous documentation we found that this was not best practice since the lan port is heavy use for data.

I would like to assigned a new deliciated port (24)  to be my  backup heartbeat and remove (BR_DATA (port8) but would need some guidance since this is a production environment. 

 

Also to configure port 24 as heartbeat port are there any special configuration need prior to it being assigned .

 

GuyOffice-1 (ha) # show
config system ha
set group-name "trans_amt"
set mode a-p
set password g==????Swdee
set hbdev "ha" 200 "port8" 100
set session-pickup enable
set override disable
set priority 200
set monitor "port8"
end

 

Thank you

 

Labels:
1110
0 Kudos
1 Solution
ozkanaltas
Valued Contributor III
In response to jomof

Created on ‎05-29-2024 06:17 AM

Hi @jomof ,

 

If you don't make any changes to the Ha port on the same time, there will be no interruption. Because FortiGate will still continue communicating on the HA port.

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW

View solution in original post

If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
986
4 REPLIES 4
ozkanaltas
Valued Contributor III

Created on ‎05-26-2024 11:56 AM

Hello @jomof ,

 

A dedicated interface is always suggested for the HA heartbeat interface.

 

When I reviewed your configuration you have also one more heartbeat interface (HA). Because of that you can remove port8 from the configuration and add Port24.

 

No need to do a special configuration for that. You just need to make sure that the new cable is connected to the same port to both devices and is up.

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
1102
jomof
Contributor
In response to ozkanaltas

Created on ‎05-29-2024 06:12 AM

 

Sorry for the tardy response but this looks okay one more thing since this is production environment will i have any downtime?
Thanks 
 
Regards
PREVIEW
 
 
 

 

S

991
0 Kudos
ozkanaltas
Valued Contributor III
In response to jomof

Created on ‎05-29-2024 06:17 AM

Hi @jomof ,

 

If you don't make any changes to the Ha port on the same time, there will be no interruption. Because FortiGate will still continue communicating on the HA port.

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
987
jomof
Contributor
In response to ozkanaltas

Created on ‎05-31-2024 05:50 AM

Hello @ozkanaltas ,

 

Thank you once again for your invaluable help.

940
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.