FortiGate Version 3.0 MR4 Administration Guide
122 01-30004-0203-20070102
HA System Config
Cluster members list
Display the cluster members list to view the status of an operating cluster and the
status of the FortiGate units in the cluster. To display the cluster members list, log
into an operating cluster and go to System > Config > HA.
Group Name Add a name to identify the cluster. The maximum group name length is 7
characters. The group name must be the same for all cluster units
before the cluster units can form a cluster. After a cluster is operating
you can change the group name. The group name change is
synchronized to all cluster units.
The default group name is FGT-HA. You can accept the default group
name when first configuring a cluster. When the cluster is operating you
can change the group name if required. Two clusters on the same
network cannot have the same group name.
Password Add a password to identify the cluster. The maximum password length is
15 characters. The password must be the same for all cluster units
before the cluster units can form a cluster.
The default is no password. You can accept the default when first
configuring a cluster. When the cluster is operating you can add a
password if required. Two clusters on the same network must have
different passwords.
Enable Session
pickup
Enable session pickup so that if the primary unit fails, all sessions are
picked up by the cluster unit that becomes the new primary unit.
Session pickup is disabled by default. You can accept the default setting
for session pickup and then chose to enable session pickup after the
cluster is operating.
Port Monitor Enable or disable monitoring FortiGate interfaces to verify that the
monitored interfaces are functioning properly and connected to their
networks.
If a monitored interface fails or is disconnected from its network the
interface leaves the cluster and a link failover occurs. The link failover
causes the cluster to reroute the traffic being processed by that interface
to the same interface of another cluster unit that still has a connection to
the network. This other cluster unit becomes the new primary unit.
Port monitoring is disabled by default. Leave port monitoring disabled
until the cluster is operating and then only enable port monitoring for
connected interfaces.
Heartbeat
Interface
Enable or disable HA heartbeat communication for each interface in the
cluster and set the heartbeat interface priority. The heartbeat interface
with the highest priority processes all heartbeat traffic. If two or more
heartbeat interfaces have the same priority, the heartbeat interface that
is highest in the interface list processes all heartbeat traffic.
The default heartbeat interface configuration is different for each
FortiGate but usually sets the priority of two heartbeat interfaces to 50.
You can accept the default heartbeat interface configuration if one or
both of the default heartbeat interfaces are connected.
The heartbeat interface priority range is 0 to 512. The default priority
when you select a new heartbeat interface is 0.
You must select at least one heartbeat interface. If heartbeat
communication is interrupted the cluster stops processing traffic. For
more information about configuring heartbeat interfaces see the
FortiGate HA Guide.
VDOM
partitioning
If you are configuring virtual clustering you can select the virtual
domains to be in virtual cluster 1 and the virtual domains to be in virtual
cluster 2. The root virtual domain must always be in virtual cluster 1. For
more information about configuring VDOM partitioning see the FortiGate
HA Guide.
To Next Page
Loading...
Need help?
General