System config HA
FortiGate-200A Administration Guide 01-28006-0072-20041105 93
Inserting an HA cluster into your network temporarily interrupts communications on
the network because new physical connections are being made to route traffic through
the cluster. Also, starting the cluster interrupts network traffic until the individual
FortiGate units in the cluster are functioning and the cluster completes negotiation.
Cluster negotiation normally takes just a few seconds. During system startup and
negotiation all network traffic is dropped.
1 Connect the cluster units.
• Connect the internal interfaces of each FortiGate unit to a switch or hub connected
to your internal network.
• Connect the WAN1 interfaces of each FortiGate unit to a switch or hub connected
to your external network.
• Connect the DMZ2 interfaces of the FortiGate units to the same switch or hub. By
default the DMZ2 interfaces are used for HA heartbeat communication. These
interfaces should be connected together for the HA cluster to function.
• Optionally connect the WAN2 interfaces of each FortiGate unit to a switch or hub
connected a second external network.
• Optionally Connect the DMZ1 interfaces of the FortiGate units to another switch or
hub.
Figure 31: HA network configuration
Esc Enter
DMZ2DMZ1INTERNAL WAN1 WAN2CONSOLE USB
1234
A
Esc Enter
DMZ2DMZ1INTERNAL WAN1 WAN2CONSOLE USB
1234
A
Internal Network
Internal
Internal
WAN 1
WAN 1
Hub or
Switch
Hub or
Switch
Router
DMZ 2
DMZ 2
Internet
To Next Page
Loading...
