I tried this and configured a cluster setup with two serials. The first config starts but ends up "Waiting All Secondaries to Auto-Link" When i connect the secondary firewall to the internet to do ZTP nothing happens. It keeps waiting for something to happen.
Anyone with experience with this option and who got it working? Anything special you did (like did you connect the heartbeat interface in advance or not?), or just connect two FortiGates to the internet and it went without issue?
There are multiple aspects to consider:
- ZTP : does it work or not? Does the FG obtain the configuration or anything over the internet? Does it connect to the internet successfully?
- HA: If this is a cluster, it is recommended that each of the units gets license and registration first, then connect the heartbeat interfaces to form a cluster
- FortiManager: should connect to the cluster entity, not to individual units.
thanks Alex.
with some Fortinet support tickets it seemed it wasn't quite working yet with the used version. things should be better in latest 7.0.x versions. if i encounter this again ill double check it.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.