Sie sind auf Seite 1von 2

How do I set up two FortiGate units to operate as an HA cluster?

Page 1 of 2

How do I set up two FortiGate units to operate as an HA cluster?


Article
Note: All FortiGate units have HA capabililties except the FortiGate-50A and 50AM. Use the following steps to configure an active-active HA cluster oftwo identical FortiGate units operating in NAT/Route mode. These steps assume that you have just received two new FortiGate units that you are going to configure as a cluster. In other words the FortiGate units are set to the default configuration and have the same FortiOSv2.80 firmware version.

Print Article

Configure both FortiGate units for HA operation.


1. 2. 3. Turn on a FortiGate unit and connect to the web-based manager as described in your FortiGate QuickStart Guide. Go to System> Status and change the host name. (Each FortiGate unit in the cluster should have a different host name.) Configure HA settings. Go to System> HA and Select High Availability. Configure the following HA settings (keep default settings for others): Mode: Active-Active Group ID: (any number between 1 and 63) Password: (enter and confirm a password of up to 15 characters) Schedule: Round-Robin Select Apply. Turn off the FortiGate unit. Turn on the other FortiGate unit and repeat these steps. Give the second FortiGate unit a different host name. Make sure both FortiGate unit HA configurations are identical, including the same Group ID and Password.

4. 5. 6.

Connect the cluster to your network.


See the following diagram (a FortiGate-500 unit is shown.)

Turn on the FortiGate units, they will negotiate to form a cluster.

Add basic configuration settings


You can now configure the cluster in the same manner as a standalone FortiGate unit. This

http://kb.fortinet.com/kb/viewContent.do?externalId=10957&sliceId=1

4/17/2012

How do I set up two FortiGate units to operate as an HA cluster?

Page 2 of 2

includes changing configuration settings and upgrading firmware. For example: 1. Connect to the cluster web-based manager. Use the procedure in your QuickStart Guide for connecting to the FortiGate unit web-based manager. 2. Change the administrator password.

Go to System> Admin> Administrators. For admin, select Change password. Enter and confirm a new password. Select OK.

3. Configure network interfaces.


Go to System> Network> Interface. For internal, select Edit. Change the IP/Netmask to 192.168.20.93/24. Select OK. For external, select Edit. Change the IP/Netmask to 64.29.46.67/24. Select OK.

4. Set the default route.


Go to Router> Static. Change the default route as required. Select OK.


Last Modified Date: 01-14-2010 Document ID: 10957

http://kb.fortinet.com/kb/viewContent.do?externalId=10957&sliceId=1

4/17/2012