Adding a model FortiGate HA cluster
You can add an offline FortiGate HA cluster by using the Add Model Device method. The process of adding an offline FortiGate HA cluster is similar to adding a model device using FortiGate serial numbers. See Example of adding a model device by serial number.
You can add two FortiGate devices as model devices to be part of the HA cluster.
You can also add an operating FortiGate HA cluster. Adding an operating FortiGate HA cluster to the Device Manager pane is similar to adding a standalone device. Specify the IP address of the primary device. FortiManager handles a cluster as a single managed device.
If you are using an HA cluster, you can promote a secondary device to a primary device. Go to Device Manager > Device & Groups > Managed FortiGate > [HA_Cluster_Name]. The System:Dashboard pane shows the cluster members under Cluster Members. Click Promote to promote a secondary device to a primary device. |
When FortiManager is managing a FortiGate HA cluster configured on Azure or AWS, you cannot use FortiManager to push device-level changes to the FortiGates, such as changes for the following commands: |
To add a model FortiGate HA cluster:
- Go to Device Manager > Device & Groups.
- Click Add Device. The wizard opens.
- Select Add Model HA Cluster.
- Populate the following fields:
- Configure the Name, HA Mode, Cluster ID, Cluster Name, and Password for the HA cluster.
- Enter the Serial Number and Priority of the primary FortiGate device, and select the appropriate Device Model.
- Optionally, click Add HA Secondary to add and configure the secondary node.
- Optionally, configure the Monitor Interface members and Heartbeat Interface members.
- Configure the remaining settings as needed, and click Next.
- After the wizard is finished, FortiManager adds the FortiGate model device HA cluster in Device Manager > Device Groups.
- On FortiGate, go to Security Fabric > Fabric Connectors > FortiManager, and configure the fabric connector using the FortiManager IP for each FortiGate device.
After auto-link is complete, the HA cluster in Device Manager > Device & Groups displays additional information about the HA cluster, including the Config Status.The FortiGate device with a higher Priority will be considered as the primary device of the HA cluster.
Both the FortiGate devices to be added to the HA cluster must be on the same firmware version. If not, the devices will be enforced with the same version as selected in the Enforce Firmware Version field in the Add Device dialog.
You can edit the HA cluster information after adding it. Use the Edit Device screen to modify the HA cluster information by modifying the fields IP Address, Admin User and Password, Cluster Members, Enforce Firmware Version, System Template, and Policy Package.