Fortinet black logo

FortiGate-7000F Handbook

Limitations of FortiGate-7000F virtual clustering

Copy Link
Copy Doc ID 4ec725e4-8001-11ed-8e6d-fa163e15d75b:263959
Download PDF

Limitations of FortiGate-7000F virtual clustering

FortiGate-7000F virtual clustering includes the following limitations:

  • Virtual clustering supports two FortiGate-7000Fs only.
  • Active-passive HA mode is supported, active-active HA is not.
  • The root and mgmt-vdom VDOMs must be in virtual cluster 1 (also called the primary virtual cluster).
  • A VLAN must be in the same virtual cluster as the physical interface or LAG that the VLAN has been added to. The VLAN can be in the same VDOM as its physical interface or LAG or in a different VDOM, as long as both VDOMs are in the same virtual cluster.

  • The interfaces that are created when you add an inter-VDOM link must be in the same virtual cluster as the inter-VDOM link. You can change the virtual cluster that an inter-VDOM link is in by editing the inter-VDOM link and changing the vcluster setting.
  • Using HA reserved management interfaces to manage individual cluster units is not supported. This feature may work as intended in many cases. However, using this feature in a virtual cluster is not recommended as it may cause conflicts with other features such as remote FortiAnalyzer logging.

    You can also use special management port numbers to connect to the secondary chassis FortiGate-7000F primary FIM (see HA mode special management port numbers).

Limitations of FortiGate-7000F virtual clustering

FortiGate-7000F virtual clustering includes the following limitations:

  • Virtual clustering supports two FortiGate-7000Fs only.
  • Active-passive HA mode is supported, active-active HA is not.
  • The root and mgmt-vdom VDOMs must be in virtual cluster 1 (also called the primary virtual cluster).
  • A VLAN must be in the same virtual cluster as the physical interface or LAG that the VLAN has been added to. The VLAN can be in the same VDOM as its physical interface or LAG or in a different VDOM, as long as both VDOMs are in the same virtual cluster.

  • The interfaces that are created when you add an inter-VDOM link must be in the same virtual cluster as the inter-VDOM link. You can change the virtual cluster that an inter-VDOM link is in by editing the inter-VDOM link and changing the vcluster setting.
  • Using HA reserved management interfaces to manage individual cluster units is not supported. This feature may work as intended in many cases. However, using this feature in a virtual cluster is not recommended as it may cause conflicts with other features such as remote FortiAnalyzer logging.

    You can also use special management port numbers to connect to the secondary chassis FortiGate-7000F primary FIM (see HA mode special management port numbers).