Tag Archives: fortigate cluster deployment

Setting up two new FortiGates as an FGCP cluster

Setting up two new FortiGates as an FGCP cluster

This section describes a simple HA network topology that includes an HA cluster of two FortiGate units in NAT/Route mode installed between an internal network and the Internet. The example uses a generic FortiGate unit with four interfaces named port1, port2, port3 and port4.

 

Example NAT/Route mode HA network topology

The figure below shows a typical FortiGate HA cluster consisting of two FortiGate units (FGT_ha_1 and FGT_ha_2) connected to the same internal (port2) and external (port1) networks.

 

Example NAT/Route mode HA network topology

Port3 and port4 are used as the heartbeat interfaces. Because the cluster consists of two FortiGate units, you can make the connections between the heartbeat interfaces using crossover cables. You could also use switches and regular ethernet cables.

 

General configuration steps

The section includes web-based manager and CLI procedures. These procedures assume that the FortiGate units are running the same FortiOS firmware build and are set to the factory default configuration.

 

General configuration steps

1. Apply licenses to the FortiGate units to become the cluster.

2. Configure the FortiGate units for HA operation.

  • Optionally change each unit’s host name.
  • Configure HA.

2. Connect the cluster to the network.

3. Confirm that the cluster units are operating as a cluster and add basic configuration settings to the cluster.

  • View cluster status from the web-based manager or CLI.
  • Add a password for the admin administrative account.
  • Change the IP addresses and netmasks of the internal and external interfaces.
  • Add a default route.