Did anyone tried to configure the cluster feature on the FortiAnalyzer in 6.0 version?
I cannot get it work. Only it seems that the two FAZ 1000E are in the cluster for a few minutes and after that the HA cluster DOWN, cause=keepalive failure log appears. They are not in cluster anymore.
Also the hearbeat interval has to be set to 1, other number is not working.
Could anyone give me some hint how to get it work?
It seems that the cluster needs an L2 shared because it uses VRRP for cluster IP (to configure in the fortigates).
But the cluster synchronization is done also on geographic L3 link (it requires only the IP of the other FAZ and SN). The configuration sync is done on the port TCP 5199, while log sync is done in TCP 514. It is encrypted, but I don't think it is compressed.
All seems functional and very beautifull! Hope it works well in production too :) Cluster is up from 25 minutes, I've only one devices connected and few logs
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.