HA Active Active the secondary devices stop to have network connectivity

piaakit1210 · ‎12-15-2023

Dear All,

I have an ugent issue, after the 2 fortigate 201F configured in HA Active Active, the secondary devices stop to have network connectivity, not even the mgmt interface, i can not ping and access to the secondary devices, i have tried to factory reset the secondary device and form the HA again, and issue still exist, and i followed below video to do the HA, any help would be appreicated

https://www.youtube.com/watch?v=j25SwFGa76M

piaakit

anignan · ‎12-15-2023

Hi @piaakit1210 ,

I think you should check your network design because no matter the HA mode only one device is the primary .. HA is just for resource sharing. you cannot have servers only connected to slave and not to primary. They must all connect to both devices and there will be a virtual mac address shared between both member and only the primary will reply to arp request..

Abdel

View solution in original post

anignan · ‎12-15-2023

If possible just power cycle both and update

piaakit1210 · ‎12-15-2023

it comes back online and in-sync, but its still no networking connectivity with all the interfaces

anignan · ‎12-15-2023

What do mean no network connectivity?

Please try set it to Active-passive and lets see

piaakit1210 · ‎12-15-2023

whatever port i connected to in the 2nd device, i can not ping or web console at all to the device, not even in mgmt, in the primary device in thoses interfaces i suppose has dhcp enabled, but when i connect cable to these port, no ip obtained, and i assign ip to my laptop and try ping these interfaces in the 2nd device, its doesnt reach at all

anignan · ‎12-15-2023

This is completely normal the cluster is Active-Active but there is still a master which handle the traffic. Only the master will reply to ARP request and the master will decide which traffic will be processed by the secondary for resource sharing.

Abdel

anignan · ‎12-15-2023

You should be able to connect to the secondary with mgmt port just make sure you have the correct ip address and also a static IP on the same subnet in the management PC

Abdel

piaakit1210 · ‎12-15-2023

in our case, the 2 devices will be located at 2 different rooms and have ha connected, if this is the case, the 2nd device will not have any connectivity, since there are some switches and servers connected to this 2nd device, since there is one default gateway, computer will look for the primary device for internet routing, can you explain to me the different between active - active and active - passive ? sorry i'm new in networking, thanks

piaakit

anignan · ‎12-15-2023

Hi @piaakit1210 ,

I think you should check your network design because no matter the HA mode only one device is the primary .. HA is just for resource sharing. you cannot have servers only connected to slave and not to primary. They must all connect to both devices and there will be a virtual mac address shared between both member and only the primary will reply to arp request..

Abdel

HA Active Active the secondary devices stop to have network connectivity

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website