Hello everyone, in the following article I will guide you how to configure the error prevention feature (HA-High Availability) on Fortigate Firewallhelping to increase the reliability of our network system.
* Steps:
– Connect Fortigate
– Configure Primary Firewall
– Configure Backup Firewall
– Identify HA Cluster
– Check the result
* Perform configuration:
First, you connect the device as shown in the model below. Note that we use RJ45 cable to connect 2 interfaces HA 1 and HA 2 on 2 Firewalls (if any). In case the Firewall does not have a dedicated HA interface, we can connect any 2 interfaces that we have not use.
After connecting the Firewalls, we go to the Primary Firewall settings screen, go to the HA Status section, select configure.
You set up the parameters as below and note that the Device Priority value is as default (128). In the Cluster Setting section, name the group name and enter the password for the Cluster.
Next, do the same on Backup Firewall and note that Device Priority is 50 (lower than the value of Primary Firewall).
Next, go to System > Config > HA to check the information of the HA Cluster we created
To see more detailed information, click View HA Statistic.
After configuring the above steps, the Backup Firewall will inherit the configurations of the Primary Firewall.
In case the Primary Firewall still works well, traffic from the internal network layer to the Internet will go through the Primary Firewall.
If the Primary Firewall has a problem and cannot operate, traffic will go through the Backup Firewall.
To test, we ping any IP address on the Internet, then turn off the Primary Firewall and observe the results. After being dropped for a short period of time, traffic will automatically redirect to Backup Firewall and ping command. Continue running as usual.
You should also note that once you have configured HA, if you update the Firmware on the Primary Firewall, the Backup Firewall will also automatically update, so you need to backup the configuration before upgrading the Firmware for the device. .
Here, the steps to configure HA (High Availability) above Fortigate Firewall has been done.
Good luck.
Xem tiếp...