Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
20twenty
New Contributor

HA problem, A/P mode, 2x800' s runing 2.8MR11

Hi guys, I' ve got 2x800' s running 2.8MR11 i had been running in active/passive HA. The units were connected together with a crossover on the HA port then all other interfaces to 8 port cisco switches with all ports as access in the default VLAN1. It was tested and working fine. As part of an ongoing projects to increase resilience whilst moving to a new ISP we' ve had to relocate one of the 800' s to another building. Everything is still connected as before except the copper links between swithes have been changed to fibre and i' ve also had to introduce switches between the HA ports, again to get the fibre due to distance involved. The ports from FGT-HA to cisco are trunk, trunk between the 2 ciscos then trunk again cisco to FGT-HA at the other end. I' ve gone for trunk as i also configured a 2nd VDOM at the same time as the relocation. OK, now you' ve the background, here' s the problem.... The FGT' s see each other and one takes up primary and the other slave mode. I can see the HA sessions between both boxes in the status/sessions page. When testing the HA i unplugged the ext interface from the primary unit. I see a message in the logs that it has seen the ext. interface down but i get no traffic in/out via the HA interface. I know that everything is connected fine as if i power off the primary unit and power on what should be the slave it becomes primary and works fine which proves that all other links are working fine.
0 REPLIES 0
Labels
Top Kudoed Authors