Table of Contents
Advertisement
Configuring FortiGate units for HA using the CLI
50
Inserting an HA cluster into your network temporarily interrupts communications on
the network because new physical connections are being made to route traffic through
the cluster. Also, starting the cluster interrupts network traffic until the individual
FortiGate units in the cluster are functioning and the cluster completes negotiation.
Cluster negotiation normally takes just a few seconds. During system startup and
negotiation all network traffic is dropped.
To connect the cluster
1
Connect the cluster units:
•
Connect the LAN interfaces of each FortiGate unit to a switch or hub connected to
a network.
•
Connect port 1 of each FortiGate unit to a switch or hub connected to your internal
network.
•
Connect port 2 of each FortiGate unit to a switch or hub connected to your external
network.
•
Optionally connect ports 3, 5, and 6 of each FortiGate unit to switches or hubs
connected to other networks.
•
Connect port 4 of each FortiGate unit to another switch or hub. By default port4 is
used for HA heartbeat communication. These interfaces should be connected
together for the HA cluster to function.
Figure 11: HA network configuration
Internal Network
Hub or
Switch
Port 1
CONSOLE
USB
Esc
Enter
A
CONSOLE
USB
Esc
Enter
A
Port 1
01-28005-0101-20041015
Port 2
10/100
10/100/1000
LAN
L1
L2
L3
L4
1
2
3
4
5
6
Port 4
Port 4
LAN
10/100
10/100/1000
L1
L2
L3
L4
1
2
3
4
5
6
Port 2
Internet
High availability installation
Hub or
Switch
Router
Fortinet Inc.
Advertisement
Table of Contents
