synthesister_p
New Contributor

FG 7.2 AWS HA A/P single az

We are running privately, so no EIPs are associated with the LAN/WAN interfaces.

So I created the M/S, but when I create the HA the standby unit takes on the primary IP addresses of the master. When manual failover is initiated, traffic stops; the secondary IPs and routes etc. have been updated, but I need to manually go onto the standby FortiGate and change the IP addresses of the LAN/WAN interfaces to what I originally set them to (different to the master primaries) before creating the HA.

If I then turn the master back online, the master's LAN/WAN interfaces are changed to those of the standby. If I initiate a failover back to the master, then again I need to change the IP addresses within the FortiGate master to the primaries within the AWS config and what I originally set :\

Any ideas?

synthesister_p
New Contributor

I worked this out in the end; will post a write-up in a week. Documentation/diagram needs updating by FortiGate.

Mainly it was my not understanding that you mustn't use the interface as a reference for doing NAT etc. and must use the secondary IPs for everything, and yes, the backup unit does change its local to FortiGate IPs.
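Added example, not part of the original posts and not Fortinet code: a small Python check over FortiOS-style configuration text that flags firewall policies whose source NAT falls back to the interface address instead of an IP pool holding a secondary IP, which is the mistake the reply above describes. The sample config, the pool name and the addresses are constructed, and mapping "use the secondary IPs" to IP pools is an assumption of this example.

```python
# Constructed, abridged sample in FortiOS CLI syntax; names and addresses are made up.
SAMPLE_CONFIG = """\
config firewall ippool
    edit "wan-secondary"
        set startip 10.0.1.20
        set endip 10.0.1.20
    next
end
config firewall policy
    edit 1
        set nat enable
    next
    edit 2
        set nat enable
        set ippool enable
        set poolname "wan-secondary"
    next
end
"""

def parse_section(config, section):
    """Return {edit_id: {key: value}} for one top-level 'config <section>' block."""
    # Assumes the section has no nested config blocks and one value per 'set' line.
    entries, current, inside = {}, None, False
    for raw in config.splitlines():
        line = raw.strip()
        if line == f"config {section}":
            inside = True
        elif inside and line == "end":
            break
        elif inside and line.startswith("edit "):
            current = entries.setdefault(line[5:].strip('"'), {})
        elif inside and line.startswith("set ") and current is not None:
            _, key, value = line.split(None, 2)
            current[key] = value.strip('"')
    return entries

def audit_snat(config, secondary_ips):
    """Flag NAT policies that would not translate to one of the given secondary IPs."""
    pools = parse_section(config, "firewall ippool")
    findings = []
    for pid, p in parse_section(config, "firewall policy").items():
        if p.get("nat") != "enable":
            continue
        if p.get("ippool") != "enable":
            findings.append((pid, "interface-nat"))  # SNAT to the interface address
        elif pools.get(p.get("poolname"), {}).get("startip") not in secondary_ips:
            findings.append((pid, "pool-not-secondary"))
    return findings
```

Pass the set of secondary private IPs assigned to the WAN ENI as `secondary_ips`; any finding is a policy whose translated address would not follow the failover.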
