Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jpever
New Contributor

Multiple unicast-hb-peer ip in same subnet in fortigate

Currently we are having Fortigate VM deployed in AWS in different regions.

We have only one port configured for HA-SYNC between two fortigate VM as shown in this diagram. 

https://docs.fortinet.com/document/fortigate-public-cloud/7.4.0/aws-administration-guide/229470/depl...

 

On the diagram it was given with 10.0.2.11 to primary

and 10.0.12.11 to secondary

 

Question :

Can we configure another HA-SYNC interface (for eg: port6) on the same subnet range as Port4 as shown in diagram above. Below will be the configuration 

10.0.2.12 to primary with port 6

10.0.12.12 to secondary with port6

 

 

1 REPLY 1
Dhruvin_patel

Greetings!

 

The same subnet range can be configured after enabling the subnet overlap setting.

# config system settings
     set allow-subnet-overlap [enable/disable]
 end

 

Reference Document: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enable-subnet-overlap-to-set-IP-addresses-...

 

Regards!

If you have found a solution, please like and accept it to make it easily accessible for others.

Dhruvin Patel
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors