Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Fabio74
New Contributor

Created on ‎02-27-2023 02:51 AM

HA (High Availability)

Good morning everyone. Attached is the current sceneHA.png. We have now acquired a second Fortigate 100F. The idea is to configure the two in active-passive HA (High Availability). I have some doubts. 1) Can the WAN be the same? 2) How do I connect and where do I connect the three doors of the second Fortigate? 3) The 3 ports of the first Fortigate are configured as DHCP Servers, will they continue to work?

Labels:
328
0 Kudos
3 Solutions
srajeswaran
Staff
Staff

Created on ‎02-27-2023 02:58 AM

srajeswaran_0-1677495461221.png

This is the ideal method and all the functionalities will continue to work as in the current setup.

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

View solution in original post

324
0 Kudos
srajeswaran
Staff
Staff
In response to Fabio74

Created on ‎02-27-2023 03:17 AM

Yeah, the same ports from both units need to connect to the same LAN subnets. The LAN segments in diagram shows switches, is that so? If so, you just need to add one port to the connection towards the new FGT unit.

 

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

View solution in original post

314
0 Kudos
srajeswaran
Staff
Staff
In response to Fabio74

Created on ‎02-27-2023 03:43 AM

Hi Fabio,

 

Yes, this is correct and expected to work.

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

View solution in original post

307
0 Kudos
9 REPLIES 9
srajeswaran
Staff
Staff

Created on ‎02-27-2023 02:58 AM

srajeswaran_0-1677495461221.png

This is the ideal method and all the functionalities will continue to work as in the current setup.

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
325
0 Kudos
Fabio74
New Contributor
In response to srajeswaran

Created on ‎02-27-2023 03:07 AM

Woww... Great, thanks for the quick reply srajeswaran. Two more little doubts. 1) I don't have a Layer 2 switch, can it still work? 2) I connect ports H1 and H2 equally to each other, right?

321
0 Kudos
srajeswaran
Staff
Staff
In response to Fabio74

Created on ‎02-27-2023 03:17 AM

Yeah, the same ports from both units need to connect to the same LAN subnets. The LAN segments in diagram shows switches, is that so? If so, you just need to add one port to the connection towards the new FGT unit.

 

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
315
0 Kudos
Fabio74
New Contributor
In response to srajeswaran

Created on ‎02-27-2023 03:36 AM

OK perfect. Sorry but the translator often doesn't work effectively. So I can use a regular 1GB Switch. I entered the new design. Last thing, the 3 LAN ports are currently configured in VLAN Switch. Is that okay?HA.png

312
0 Kudos
srajeswaran
Staff
Staff
In response to Fabio74

Created on ‎02-27-2023 03:39 AM

yes, this looks fine. Yes, the VLANs can be configured on the VLAN switch, just need to make sure the FGT ports (from both nodes) are mapped to the corresponding LAN ports.

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
310
0 Kudos
Fabio74
New Contributor

Created on ‎02-27-2023 03:40 AM

I was wrong, actually the scheme should be this, precisely because I don't have a layer2 switchHA.png

310
0 Kudos
srajeswaran
Staff
Staff
In response to Fabio74

Created on ‎02-27-2023 03:43 AM

Hi Fabio,

 

Yes, this is correct and expected to work.

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
308
0 Kudos
Fabio74
New Contributor
In response to srajeswaran

Created on ‎02-27-2023 03:46 AM

Let's hope so. It's the first time I try something more advanced. Also because I made the company spend a lot of money :) Thank you very much for the technical and moral support :)

305
0 Kudos
srajeswaran
Staff
Staff
In response to Fabio74

Created on ‎02-27-2023 09:10 PM

You are welcome. Feel free to post more if you face any issues while implementing. We are here to help.

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
269
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.