Fortinet black logo

New Features

Support HA between AZs  6.2.1

Copy Link
Copy Doc ID 761d83e3-4a7b-11e9-94bf-00505692583a:953379
Download PDF

Support HA between AZs 6.2.1

High availability (HA) between availability zones (AZs) on Azure is supported.

Azure HA solves the problem of availability when a FortiGate goes down. Azure HA across AZs solves the problem of what happens when Azure goes down, which ensures the maximum amount of uptime for customers.

To configure HA between AZs:
  1. Ensure FortiGate A and FortiGate B are in different availability zones in Azure.

    In the following example, FortiGate A is in availability zone 1:

    FortiGate B is in availability zone 2:

  2. For each FortiGate, go to Identity > System assigned, and set Status to On.

  3. For each FortiGate, under Add role assignment, set Role to Contributor.

  4. Set the public IP address:

    1. For the SKU option, select Standard.
    2. In the Availability zone list, select Zone-redundant.

  5. When a failover is triggered, the secondary device becomes the primary device. Use the following diagnose command to confirm HA change:

    # diagnose debug application awsd -1
    # diagnose debug enable

Support HA between AZs 6.2.1

High availability (HA) between availability zones (AZs) on Azure is supported.

Azure HA solves the problem of availability when a FortiGate goes down. Azure HA across AZs solves the problem of what happens when Azure goes down, which ensures the maximum amount of uptime for customers.

To configure HA between AZs:
  1. Ensure FortiGate A and FortiGate B are in different availability zones in Azure.

    In the following example, FortiGate A is in availability zone 1:

    FortiGate B is in availability zone 2:

  2. For each FortiGate, go to Identity > System assigned, and set Status to On.

  3. For each FortiGate, under Add role assignment, set Role to Contributor.

  4. Set the public IP address:

    1. For the SKU option, select Standard.
    2. In the Availability zone list, select Zone-redundant.

  5. When a failover is triggered, the secondary device becomes the primary device. Use the following diagnose command to confirm HA change:

    # diagnose debug application awsd -1
    # diagnose debug enable