g3rman
Thank you for your help having read through the document I do agree your method is the best way.
The consultants who implemented the firewall solution have left the group_id on both clusters as 0. Sometime back they tried to get them to talk to one another but it failed, im now thinking this is what caused the issue.
I dont have a full test lab to test out changing the current configuration i.e. adjusting the group_id, can you tell me what is the likely impact given that this is a semi-production network. Obviously the virtual MAC addresses willl change, will the device need a reboot?
Thanks
oh and one last question... how does the device manage the MAC address of the virtual interface i.e. any VLANs that sit beneath the physical interface? is there any way to show these?
Thanks
Fortigate 1000A
v4.0,build194,100121 (MR1 Patch 4)
Fortianalyzer 800B
v4.0,build0130 (MR1 Patch 3)