Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
cy
New Contributor

Created on ‎11-14-2024 01:30 AM

Seeking Guidance: FortiGate HA

Hello! I'm working on an exciting network improvement project to implement High Availability (HA) in my environment by adding a second Fortigate appliance.

 

Currently, I have a single Fortigate 80F that's efficiently managing two WAN interfaces through SD-WAN. This setup allows me to create custom rules for routing specific devices through different WANs and provides automatic failover if either ISP experiences downtime.

 

I would need to enhance this setup by implementing a second Fortigate appliance to ensure network continuity even if one Fortigate unit fails. I'm curious about the best approach to achieve this - would it require any additional hardware like switches?

 

I'd greatly appreciate any guidance on implementing this redundant setup.

 

Untitled.png

 
Labels:
208
0 Kudos
3 REPLIES 3
cjackson_ncl
New Contributor III

Created on ‎11-14-2024 03:06 AM Edited on ‎11-14-2024 03:14 AM

You could create transit VLAN's for the two ISPs on the switch you have in the second diagram, in which the ISP routers and the WAN ports on the 2 FortiGates will uplink into. This is the easiest way to achieve this but you now have a single point of failure in the switch.

 

Hopefully this example illustrates this.HA example.png

 

You could build on this by uplinking into multiple switches tor additional resilience, but that all depends on your setup and budget.

NSE4
NSE4
182
0 Kudos
Toshi_Esumi
SuperUser
SuperUser

Created on ‎11-14-2024 10:06 AM

I would add a direct cable between two 80Fs to @cjackson_ncl 's diagram for heartbeat connection without going through the switch, if they're close to each other.

Toahi

150
cjackson_ncl
New Contributor III
In response to Toshi_Esumi

Created on ‎11-15-2024 02:43 AM

Yes this also. Apologies I had assumed this would be the case anyway

NSE4
NSE4
113
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.