So, a lot of people are starting to deploy HA clusters of Fortinet hardware which is awesome. There are however some things you will want to consider before doing so. Here is a drill down from the Fortinet HA for FortiOS 5.4 Administration document.
Before you begin
Before you begin using this guide, take a moment to note the following:
- If you enable virtual domains (VDOMs), HA is configured globally for the entire FortiGate unit and the configuration is called virtual clustering.
- This HA guide is based on the assumption that you are a FortiGate administrator. It is not intended for others who may also use the FortiGate unit, such as FortiClient administrators or end users.
- The configuration examples show steps for both the web-based manager (GUI) and the CLI. At this stage, the following installation and configuration conditions are assumed:
- You have two or more FortiGate units of the same model available for configuring and connecting to form an HA cluster. You have a copy of the QuickStart Guide for the FortiGate units.
- You have administrative access to the web-based manager and CLI.
Many of the configuration examples in this document begin FortiGates unit configured with the factory default configuration. This is optional, but may make the examples easier to follow. As well, you do not need to have installed the FortiGate units on your network before using the examples in this document.
Before you set up a cluster
Before you set up a cluster ask yourself the following questions about the FortiGate units that you are planning to use to create a cluster. Do all the FortiGate units have the same hardware configuration? Including the same hard disk configuration and the same optional components installed in the same slots?
1. Do all FortiGate units have the same firmware build?
2. Are all FortiGate units set to the same operating mode (NAT or Transparent)?
3. Are all the FortiGate units operating in the same VDOM mode?
4. If the FortiGate units are operating in multiple VDOM mode do they all have the same VDOM configuration?
hi, great guide, only i am missing the most important thing. Before creating a ha-cluster please make sure that your units have a valid license (License Status: Valid)
Yeah, both Gates need to be licensed since they are going to share the UTM load etc.
Hi just want to clarify on no.4
4. If the FortiGate units are operating in multiple VDOM mode do they all have the same VDOM configuration?
does this mean i have to load my config on my first fortigate to my second fortigate for HA syncing?