To successfully form an HA cluster, you must ensure that the members have the same: • Firmware version Model: the same hardware model or VM model • Licensing: includes the FortiGuard license, VDOM license, FortiClient license, and so on • Hard drive configuration: the same number and size of drives and partitions • Operating mode: the operating mode-NAT mode or transparent mode—of the management VDOM
You can configure HA (Active/Passive) on a FortiGate 70F or 80F using a VLAN over your core-switches. While this is less conventional than a direct connection, it's feasible provided the switches and the fiber link are highly reliable. The main concern is avoiding a split-brain scenario, where both units believe they're active. To mitigate this, ensure the VLAN traffic for HA is prioritized and the connection has low latency. It's crucial to monitor the setup and test failover scenarios before going live. Although this setup adds a layer of complexity, if the underlying network is reliable and you've prioritized HA traffic, it can be a robust solution. Always refer to Fortinet's documentation and consider seeking support if unsure.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.