Managing an ha cluster, Use the information in – Fortinet FortiGate 4000 User Manual

Page 87

Advertising
background image

High availability

Managing an HA cluster

FortiGate-4000 Installation and Configuration Guide

87

Managing an HA cluster

The configurations of all of the FortiGate units in the cluster are synchronized so that
the FortiGate units can function as a cluster. Because of this synchronization, you
manage the HA cluster instead of managing the individual FortiGate units in the
cluster. You manage the cluster by connecting to the web-based manager or CLI
using any interface configured for management access (except the HA interface). All
units in the cluster are synchronized with the same interface IP addresses.
Connecting to any interface IP address configured for management access connects
to that cluster interface, which automatically connects you to the primary FortiGate
unit in the cluster.

You can also use SNMP to manage the cluster by configuring a cluster interface for
SNMP administrative access. Using an SNMP manager you can get cluster
configuration information and receive traps.

You can change the cluster configuration by connecting to the cluster and changing
the configuration of the primary FortiGate unit. The cluster automatically synchronizes
all configuration changes to the subordinate units in the cluster as the changes are
made.

The only configuration change that is not synchronized is the FortiGate host name.
You can give each cluster unit a unique host name to help to identify cluster members.
For information about changing the host name of cluster members, see

“Changing

cluster unit host names” on page 92

.

You can use the web-based manager to monitor the status and logs of individual
cluster members. See

“Monitoring cluster members” on page 89

and

“Viewing and

managing cluster log messages” on page 90

.

You can manage individual cluster units by using SSH to connect to the CLI of the
cluster. From the CLI you can use the execute ha manage command to connect to

the CLI of each unit in the cluster. You can also manage individual cluster units by
using a null-modem cable to connect to the primary cluster unit. From there you can
also use the execute ha manage command to connect to the CLI of each unit in the

cluster. See

“Managing individual cluster units” on page 92

for more information.

Note: You cannot connect to the HA interfaces to manage the cluster or to manage individual
FortiGate units in the cluster.

Advertising
Popular Brands
Popular manuals