Fortinet black logo

New Features

Home FortiManager 7.2.0 New Features
7.2.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.7
6.2.3
6.2.2
6.2.1
6.2.0

FortiManager-HA automatic failover enhancement

FortiManager-HA automatic failover enhancement

This feature introduces automatic failover for FortiManager-HA.

To use automatic failover for FortiManager-HA:
  1. In FortiManager, go to System Settings > HA.
    A new Failover Mode setting is available in the FortiManager HA configuration menu. You can select Manual for manual failover or VRRP to enable automatic failover.
  2. Select VRRP as the Failover Mode, and configure the other settings required including the VIP, VRRP Interface, Priority, Unicast, and Monitored IP.

  3. When the monitored interface for the Primary FortiManager is unreachable or down, HA automatic failover will occur, and the Secondary FortiManager will automatically become the primary.
To configure automatic failover in the FortiManager CLI:
  1. On the Primary FortiManager, configure the FortiManager settings with VRRP mode selected:

    config system ha

    set failover-mode vrrp

    config monitored-ips

    edit 1

    set interface <string>

    set ip <string>

    next

    end

    config peer

    edit <peer_id_int>

    set ip <peer_ipv4_address>

    set serial-number <string>

    next

    end

    set priority <integer>

    set vip <string>

    set vrrp-interface <string>

    end

    For example:

    config system ha

    set failover-mode vrrp

    config monitored-ips

    edit 1

    set interface "port2"

    set ip "192.168.48.63"

    next

    end

    config peer

    edit 1

    set ip 10.3.106.64

    set serial-number "FMG-VM0A17001234"

    next

    end

    set priority 200

    set vip "10.3.106.65"

    set vrrp-interface "port1"

    end

  2. On the Secondary FortiManager, configure the FortiManager settings with VRRP mode selected:

    config system ha

    set failover-mode vrrp

    config monitored-ips

    edit <id>

    set interface <string>

    set ip <string>

    next

    end

    config peer

    edit <peer_id_int>

    set ip <peer_ipv4_address>

    set serial-number <string>

    next

    end

    set vip <string>

    set vrrp-interface <string>

    end

    For example:

    config system ha

    set failover-mode vrrp

    config monitored-ips

    edit 1

    set interface "port2"

    set ip "192.168.48.64"

    next

    end

    config peer

    edit 1

    set ip 10.3.106.63

    set serial-number "FMG-VM0A16001234"

    next

    end

    set vip "10.3.106.65"

    set vrrp-interface "port1"

    end

Previous
Next

More Links

FortiManager Administration Guide - Configuring HA options

FortiManager-HA automatic failover enhancement

This feature introduces automatic failover for FortiManager-HA.

To use automatic failover for FortiManager-HA:
  1. In FortiManager, go to System Settings > HA.
    A new Failover Mode setting is available in the FortiManager HA configuration menu. You can select Manual for manual failover or VRRP to enable automatic failover.
  2. Select VRRP as the Failover Mode, and configure the other settings required including the VIP, VRRP Interface, Priority, Unicast, and Monitored IP.

  3. When the monitored interface for the Primary FortiManager is unreachable or down, HA automatic failover will occur, and the Secondary FortiManager will automatically become the primary.
To configure automatic failover in the FortiManager CLI:
  1. On the Primary FortiManager, configure the FortiManager settings with VRRP mode selected:

    config system ha

    set failover-mode vrrp

    config monitored-ips

    edit 1

    set interface <string>

    set ip <string>

    next

    end

    config peer

    edit <peer_id_int>

    set ip <peer_ipv4_address>

    set serial-number <string>

    next

    end

    set priority <integer>

    set vip <string>

    set vrrp-interface <string>

    end

    For example:

    config system ha

    set failover-mode vrrp

    config monitored-ips

    edit 1

    set interface "port2"

    set ip "192.168.48.63"

    next

    end

    config peer

    edit 1

    set ip 10.3.106.64

    set serial-number "FMG-VM0A17001234"

    next

    end

    set priority 200

    set vip "10.3.106.65"

    set vrrp-interface "port1"

    end

  2. On the Secondary FortiManager, configure the FortiManager settings with VRRP mode selected:

    config system ha

    set failover-mode vrrp

    config monitored-ips

    edit <id>

    set interface <string>

    set ip <string>

    next

    end

    config peer

    edit <peer_id_int>

    set ip <peer_ipv4_address>

    set serial-number <string>

    next

    end

    set vip <string>

    set vrrp-interface <string>

    end

    For example:

    config system ha

    set failover-mode vrrp

    config monitored-ips

    edit 1

    set interface "port2"

    set ip "192.168.48.64"

    next

    end

    config peer

    edit 1

    set ip 10.3.106.63

    set serial-number "FMG-VM0A16001234"

    next

    end

    set vip "10.3.106.65"

    set vrrp-interface "port1"

    end

Previous
Next