We had 2 firewalls in a cluster and one failed, FN dutifully replaced the faulty one, awesome, and when I tried to add the secondary one back, it caused a few issues.
I had to change the password, as no one had copied down the password, so I changed it, and mirrored the settings on both firewalls except the priority, the primary had a higher priority.
It appeared to have made a cluster with the secondary and primary, while still leaving the primary as a single firewall on a cluster.
It was not able to connect to the internet and our primary looked as though it had lost some of its config (I had a backup of the config, which I uploaded, and it jumped back into life once I completed this).
Here is a copy of our config.
show
config system ha
    set group-name "Our cluster name"
    set mode a-p
    set password "Encrypted password here"
    set hbdev "ha" 0
    set session-pickup enable
    set override disable
    set priority 200
end
I give the primary this and all I change is the secondary priority to 150.
I had to upgrade the secondary firmware to the same as this one, so I used the management port, gave it a static IP, remoted in, upgraded firmware, then I tried to add it to the current cluster and this was where it failed. I did not have the thought process in place to make a copy of either firewall's config during the issues, to see what was happening with them, so I unfortunately do not have a copy to show here (next time I will). Do I need to remove the cluster (I have changed it to standalone mode at the moment)?
Are there any other glaring differences I should change?
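
An added example, not part of the original post: one way to check, before rejoining a unit, that two saved `config system ha` blocks match on everything except priority. The function names are hypothetical, the primary block is the one posted above, and the two secondary blocks are constructed for the example.

```python
import shlex

# Primary block as posted; the secondary blocks are constructed for this example.
PRIMARY = '''config system ha
    set group-name "Our cluster name"
    set mode a-p
    set password "Encrypted password here"
    set hbdev "ha" 0
    set session-pickup enable
    set override disable
    set priority 200
end'''
SECONDARY_OK = PRIMARY.replace("set priority 200", "set priority 150")
SECONDARY_DRIFT = SECONDARY_OK.replace("set mode a-p", "set mode standalone")

def parse_ha_block(text):
    """Return {setting: [values]} for top-level 'set' lines in 'config system ha'."""
    settings, depth = {}, 0
    for raw in text.splitlines():
        tokens = shlex.split(raw)
        if not tokens:
            continue
        if depth == 0:
            if tokens[:3] == ["config", "system", "ha"]:
                depth = 1
        elif tokens[0] == "config":
            depth += 1            # nested sub-table: its settings are skipped
        elif tokens[0] == "end":
            depth -= 1
            if depth == 0:
                break             # end of the HA block
        elif tokens[0] == "set" and depth == 1 and len(tokens) >= 2:
            settings[tokens[1]] = tokens[2:]
    return settings

def ha_mismatches(primary, secondary, expected_to_differ=("priority",)):
    """Settings that differ between the two units, ignoring the expected ones."""
    a, b = parse_ha_block(primary), parse_ha_block(secondary)
    return {k: (a.get(k), b.get(k))
            for k in sorted(set(a) | set(b))
            if k not in expected_to_differ and a.get(k) != b.get(k)}

if __name__ == "__main__":
    print(ha_mismatches(PRIMARY, SECONDARY_OK))
    print(ha_mismatches(PRIMARY, SECONDARY_DRIFT))
```

A setting present on only one unit is reported with `None` on the other side, so a line missing from one backup shows up as a mismatch too.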