Adding the workers to the cluster
-
Log into the CLI of each worker and enter the following command to reset the worker to its factory default settings.
execute factoryreset
If the workers are going to run FortiOS Carrier, add the FortiOS Carrier license instead. Adding the license also resets the worker to factory default settings.
-
Register each worker and apply licenses to each worker before adding them to the cluster.
This includes FortiCloud activation and FortiClient licensing, and entering a license key if you purchased more than 10 Virtual Domains (VDOMs). You should also install any third-party certificates on each worker before forming the cluster. FortiToken licenses can be added at any time because they are synchronized to all workers.
-
Optionally give the mgmt1 or mgmt2 interface of each worker an IP address and connect these interfaces to your network.
These IP addresses are not synchronized, so you can connect to and manage each worker separately.
config system interface
edit mgmt1
set ip 172.20.120.120
end
-
Optionally give each worker a different hostname. The hostname is also not synchronized and allows you to identify each worker.
config system global
set hostname worker-slot-3
end
-
Enter the following command on each worker to enable dual FortiController mode.
config system elbc
set mode dual-forticontroller
end
The worker restarts and joins the cluster.
-
On the FortiController GUI go to Load Balance > Status.
As the workers restart they should appear in their appropriate slots.
The primary worker should be the worker in chassis 1 slot 3. The primary FortiController status display includes a Config Master link that you can use to connect to the primary worker.