Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
royallyre7
New Contributor

Redundant Interface and HA design

Hi,

i would like to ask about FortiGate redundant interfaces.

I noticed that FortiGate redundant interface can use for link failover.

So i consider the HA design without using switch between firewalls.

i create redundant interfaces on DB tier firewall to connect to APP tier firewall. I create redundant interfaces on APP tier firewall to connect web tier firewall. Link monitor for HA in Web tier is WAN and LAN interface. Link monitor for HA in APP Tier is LAN interface. Link monitor for HA in DB tier is WAN and LAN interface

Please see the blew picture.

I only worry if  firewall redundant interfaces are directly connected to firewall without connect to switch ,the HA and redundancy will work properly ?

Please let me know any concern on my design ?

1 REPLY 1
lobstercreed
Valued Contributor

TIL about redundant interfaces (i.e. NOT 802.3 aggregates) on FortiOS.  I didn't even know that was a thing and thought maybe you were talking about an aggregate (which would not work this way), but yes from what I read it looks like this should work.  Please do let us know your results.