Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Chronis
New Contributor

IP address to HA Heartbeat Interfaces

Hello all,

Is there a need to assign IP addres to HA interface(active/active) .?

I have connect fg300 with Ethernet cable cat 6 and everything seems to be working fine , sync, restart one the other continue....etc

And one more question how the cluster understand the failure of the lan internal network. For example lets say that the one is connect to the lan failed how the other know ? can i do with monitor ports?

 

5 REPLIES 5
Alexis_G
Contributor II

the HA interfaces assign (by them selves) IPs 169.254.1.x ,where x=1 the fortigate with the highest serial number x=2  thesecond ,so so....

 

HA configuration and operation is not something that can be written in a chat , I advice you to read the Fortinet documentation for HA operation/diagnostics (by google them!!!)

 

--------------------------------------------

If all else fails, use the force !

-------------------------------------------- If all else fails, use the force !
Chronis

ok you have right but my HA is working,no error in status or in the sync, so it is simply question do I have to use or not?

Toshi_Esumi

jklapas is saying you don't/shouldn't configure any IP on HA interface. Below cookbook has no IP configuration to make HA work.

https://cookbook.fortinet.com/high-availability-two-fortigates-54/

 

Toshi_Esumi

Sorry, a typo: I meant to type "HB(heartbeat) interface".

Prab
New Contributor

Chronis wrote:

Hello all,

Is there a need to assign IP addres to HA interface(active/active) .?

I have connect fg300 with Ethernet cable cat 6 and everything seems to be working fine , sync, restart one the other continue....etc

And one more question how the cluster understand the failure of the lan internal network. For example lets say that the one is connect to the lan failed how the other know ? can i do with monitor ports?

 

I would recommend to go through the FortiOS guide as it explains all the details.

 

As other's already mentioned you don't need to assign any IP address to the HA interfaces.

 

If you would like to access/manage the FGTs in a cluster from unique IPs, then you should look at the Reserved HA  Management Interface settings.

 

The failover in a cluster will depend upon the HA configuration.

 

I think you need to check the monitor interface feature if you would like to cause a failover if an interface is down. FGTs will exchange hello/heartbeat packets via heartbeat links to determine when to failover.

 

Hope it helps.

Prab

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors