Inter-chassis ha configurations – Fortinet 5003 User Manual

Page 84

Advertising
background image

FortiSwitch-5003A and 5003 Fabric and Base Backplane Communications Guide

84

01-30000-85717-20081205

Inter-chassis HA configurations

FortiGate-5020 base backplane communication

3

On each FortiGate module to be included in the HA cluster, go to System >
Config > HA.

4

Select the Mode, then enter the Group Name, and Password.

You may also want to set other options, such as the Device Priority or session
pick-up. For detailed instructions, see the

FortiGate HA Guide

.

5

If the base backplane interfaces do not have heartbeat interface precedence,
increase the precedence of the base backplane interfaces so that they are
selected as the primary and first failover heartbeat interface.

• If interface priorities are not all equal, set the base backplane interfaces’

priority to a higher value than all other interfaces.

• If interface priorities are all equal, set the base backplane interfaces’ priority to

a higher value than all other interfaces, or disable interfaces listed above the
base backplane interfaces in the Heartbeat Interface list. For some FortiGate
models or configurations of other HA interfaces, this may mean that no change
is required. The table below describes where changes are required, and if so,
what kind.

6

If you want to select a different base backplane interface as the primary heartbeat
interface, increase its priority.

7

Select OK.

Inter-chassis HA configurations

Base backplane HA clustering between multiple FortiGate-5020 chassis is not
supported. To configure HA for FortiGate modules installed in separate
FortiGate-5020 chassis, you must instead connect the heartbeat through
FortiGate module front panel interfaces.

Figure 36 on page 85

shows an HA cluster of four FortiGate-5001SX modules

installed in two separate FortiGate-5020 chassis. For each FortiGate module in
the example cluster:

• port1 connects to an internal network switch
• port2 connects to an external network switch, which is connected to the

Internet

• port7 and port8 connect to switches that handle only heartbeat traffic
• port3 to port6 are not used

Note: Heartbeat interface precedence can be determined by multiple factors, including
Priority and position in the Heartbeat Interface list. For details, see

“Slot position and HA

heartbeat interface precedence” on page 77

.

Note: For enhanced reliability, connect and configure heartbeat failover between two or
more non-base backplane interfaces.

Advertising
Popular Brands
Popular manuals