Fortinet Community

BusinessUser · ‎08-24-2023

Firewall 1 has WAN1 and WAN2.

Firewall 2 has WAN1 and WAN2.

They are both running HA together,

Assume that I want to connect ISP1 to FW1 WAN1; and ISP2 to FW2 WAN1.

Is it possible?

If they are running HA, how do I know if I am controlling FW1 or FW2?

srajeswaran · ‎08-24-2023

Ideally in a cluster one node is active and other is backup, which means the link connected to backup node will not be active.

Is there any specific reason for making the ISP2 connection active on FW2? If you are just looking for redundancy configuring default routes via ISP1 and ISP2 with different priorities should help.

You can also consider virtual-clusters to make both nodes active . ref : https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/599385/ha-virtual-cluster-se...

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

spoojary · ‎08-24-2023

Yes, it is possible to connect ISP1 to FW1 WAN1 and ISP2 to FW2 WAN1 in a High Availability (HA) setup using FortiGate firewalls. In this scenario, you would have two firewalls, each with two WAN interfaces. The primary goal of this setup is to provide redundancy and failover in case one firewall or one ISP connection goes down.

Siddhanth Poojary

BusinessUser · ‎08-25-2023

active active is it possible?

But if I connect FW1 to WAN1 and FW2 to WAN1, both WAN1, will there be a confusion?

Fortinet Community

Fortigate HA firewall running WAN interfaces