![]() ![]() The FortiGate exchanges messages to peer devices to establish an HA cluster.Heartbeat Interface -Add Port 3/HA1 and Port 4/ HA2 port in heartbeat interfaces through which both primary and secondary devices can interchange hello messages to check liveliness of the peer device. Password – same password must be provided to both primary and secondary Firewall.Ĩ. Device Group is used in HA to assign two or more devices to be part of the same HA Group.ħ. Device Group – Group name must be the same for both primary and secondary devices. Here Priority is set 200, secondary devices must have lower numerical value than Primary Firewall.Ħ. More numerical value higher the priority. Once Active-Passive modeselected multiple parameters are requiredĥ. DHCP and PPPoE interfaces are supportedįortigate HA Configuration Configuring Primary FortiGate for HAģ.Physical link between Firewalls for heartbeat.Two to Four identical FortiGate Firewall (same Model ).FGCP travels between FortiGate cluster devices over the heartbeat links and uses TCP port 703 with Ethernet type values: HA Protocol used by FortiGate Cluster to communicate. Only difference in Active / Active mode is that in A/A mode all the FortiGate devices are processing the traffic. ![]() Active / Active -All HA configuration must be in-synchronisation.If the problem is detected in the Primary FortiGate, the secondary device takes over the primary role. Secondary FortiGate device remains in Passive mode and monitors the status of the primary device. In Active/Passive mode the primary device is the only equipment which can actively process the traffic. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |