Reviewing the network failover diagram
The following network diagram illustrates a failover event from the current primary FortiGate (FortiGate A), to the current secondary FortiGate (FortiGate B).
Inbound failover is provided by reassigning the secondary IP addresses of ENI0\port1 from FortiGate A's public interface to FortiGate B's public interface. Additionally the EIPs associated to the secondary IP addresses of ENI0\port1 are reassociated from FortiGate A's public interface to FortiGate B's public interface.
Outbound failover is provided by reassigning the secondary IP addresses of ENI1\port2 from FortiGate A's private interface to FortiGate B's private interface. Additionally any route targets referencing FortiGate A’s private interface are updated to reference FortiGate B’s private interface.
The reassignment of secondary IP addresses is critical to allow synchronized sessions to resume traffic flow through FortiGate B.
The AWS API call updates are performed by FortiGate B initiating API calls from the dedicated HA management interface (ENI3\port4) through the AWS Internet Gateway.
When FortiGate A fails, its eth0’s secondary IP address, 192.168.1.13, which was originally assigned to FortiGate A’s port 1, moves to FortiGate B’s port 1. At the same time, eth1’s secondary IP address, 192.168.2.13, FortiGate A’s port 2, moves to FortiGate B’s port 2. These moves are represented as blue arrows in the diagram. An EIP associated with 192.168.1.13 is considered the front-end main public IP address, accessible even after the primary-secondary roles switch between the two FortiGates or when one FortiGate is shutdown.