HA virtual cluster setup
An HA virtual cluster can be set up using the GUI or CLI.
This example uses the following network topology:
HA virtual clusters are based on VDOMs and are more complicated than regular clusters. |
To set up an HA virtual cluster using the GUI:
- Make all the necessary connections as shown in the topology diagram.
- Log into one of the FortiGates.
- Go to System > HA and set the following options:
Mode
Active-Passive
Device priority
128 or higher
Group name
Example_cluster
Heartbeat interfaces
ha1 and ha2
Except for the device priority, these settings must be the same on all FortiGates in the cluster.
- Leave the remaining settings as their default values. They can be changed after the cluster is in operation.
- Click OK.
The FortiGate negotiates to establish an HA cluster. Connectivity with the FortiGate may be temporarily lost as the HA cluster negotiates and the FGCP changes the MAC addresses of the FortiGate's interfaces.
- Factory reset the other FortiGate that will be in the cluster, configure GUI access, then repeat steps 1 to 5, omitting setting the device priority, to join the cluster.
- Go to System > Settings and enable Virtual Domains.
- Click Apply. You will be logged out of the FortiGate.
- Log back into the FortiGate, ensure that you are in the global VDOM, and go to System > VDOM.
- Create two new VDOMs, such as VD1 and VD2:
- Click Create New. The New Virtual Domain page opens.
- Enter a name for the VDOM in the Virtual Domain field, then click OK to create the VDOM.
- Repeat these steps to create a second new VDOM.
- Implement a virtual cluster by moving the new VDOMs to Virtual cluster 2:
- Go to System > HA.
- Enable VDOM Partitioning.
- Click on the Virtual cluster 2 field and select the new VDOMs.
- Click OK.
To set up an HA virtual cluster using the CLI:
- Make all the necessary connections as shown in the topology diagram.
- Set up a regular A-P cluster. See HA active-passive cluster setup.
- Enable VDOMs:
config system global set vdom-mode multi-vdom end
You will be logged out of the FortiGate.
- Create two VDOMs:
config vdom edit VD1 next edit VD2 next end
- Reconfigure the HA settings to be a virtual cluster:
config global config system ha set vcluster2 enable config secondary-vcluster set vdom "VD1" "VD2" end end end