72 01-28004-0028-20040830 Fortinet Inc.
Connecting the cluster to your networks High availability installation
Inserting an HA cluster into your network temporarily interrupts communications on
the network because new physical connections are being made to route traffic through
the cluster. Also, starting the cluster interrupts network traffic until the individual
FortiGate units in the cluster are functioning and the cluster completes negotiation.
Cluster negotiation normally takes just a few seconds. During system startup and
negotiation all network traffic is dropped.
To connect the cluster
1 Connect the cluster units:
For FortiGate-4000S:
• Connect your internal network to the internal switched interface module.
• Connect your external network to the external switched interface module.
For FortiGate-4000P:
• Connect the internal pass-through interface module of each FortiGate unit to a
switch or hub connected to your internal network.
• Connect the external pass-through interface module of each FortiGate unit to a
switch or hub connected to your external network.
Figure 25: HA network configuration
INTERNAL
DMZ4321
LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100
WAN1 WAN2
PWR STATUS
INTERNAL
DMZ4321
LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100
WAN1 WAN2
PWR STATUS
Internet
Internal Network
Internal
Internal
WAN1
WAN1
DMZ
DMZ
Hub or
Switch
Hub or
Switch
Router
To Next Page
Loading...
