Hi,
As a part of PoC work for one of our projects, we are evaluating FGCP HA. Currently, we are trying to setup HA on ESXi servers with evaluation licenses for FortiGate servers. But the setup for FGSP HA did not work, even though we have two different serial numbers for both FG and FW. I also enabled promiscuous mode on Vswitch, but it didn't work. Could anyone please confirm if HA will work on the VM evaluation version?
Regards,
Thoubik Ahamed P.
Solved! Go to Solution.
Hi All,
My HA issue was resolved because in exsi VM HA will work on unicast but normal HA work on multi-cast. That is the issue here and its fixed.
PFB link FYR,
Regards,
Thoubik Ahamed P.
Hello,
Can you please elaborate what you are referring to by not work (i.e. cluster is not formed, session/config is not synchronized, etc.)?
Hi @abarushka ,
My HA issue was resolved because in exsi VM HA will work on unicast but normal HA work on multi-cast. That is the issue here and its fixed.
PFB link FYR,
Thanks for your response.
Regards,
Thoubik Ahamed P.
Hello @thoufik786
Following debugs might give you some hints that, why it is failing, if it is something with configs on FortiGate.
diagnose sniffer packet any 'ether proto 0x8890' 4
diagnose debug application hatalk -1
diagnose debug application hasync -1
- Share output of HA configs from both Fortigates.
regards,
Sheikh
Hi @Sheikh,
My HA issue was resolved because in exsi VM HA will work on unicast, while normal HA work on multi-cast. That is the issue here and its fixed.
PFB link FYR,
Thanks for your response.
Regards,
Thoubik Ahamed P.
Hi All,
My HA issue was resolved because in exsi VM HA will work on unicast but normal HA work on multi-cast. That is the issue here and its fixed.
PFB link FYR,
Regards,
Thoubik Ahamed P.
Hello @thoufik786 ,
Nice to see that issue is resolved and thanks for sharing technical document, this might help others as well.
regards,
Sheikh
I am using fortigate free trial VM in esxi home lab setup. I had an issue where when i initiate HA , the VM became unavailable. Had to put in standalone mode via cli to log back into GUI of VM. It turned out that i need set "MAC address changes" setting in the vSwitch security settings to "Accept" and save. VOILA! HA config goes through with no issues!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.