Fortinet white logo
Fortinet white logo

FortiGate-6000 Administration Guide

Connect the HA1 and HA2 interfaces for HA heartbeat communication

Connect the HA1 and HA2 interfaces for HA heartbeat communication

HA heartbeat communication between FortiGate-6000s happens over the 10Gbit HA1 and HA2 interfaces. To set up HA heartbeat connections:

  • Connect the HA1 interfaces of the two FortiGate-6000s together either with a direct cable connection, or using a switch.
  • Connect the HA2 interfaces in the same way.

Using separate connections for HA1 and HA2 is recommended for redundancy. Direct cable connections between the HA heartbeat interfaces is also recommended.

If you are using switches to connect the HA1 and HA2 interfaces, the switches need to be configured in trunk mode. It is also recommended that these switches be dedicated to HA heartbeat communication and not used for other traffic. But

You can use the same switch for both HA1 and HA2 as long as you separate the HA1 and HA2 traffic on the switch. To do this, enable trunk mode for the switch interfaces, and set the heartbeat traffic on the HA1 and HA2 Interfaces to have different VLAN IDs. See the following sections for information about the configuration options you can use to customize HA heartbeat packets to be compatible with different third-party switch configurations.

Note

FortiGate-6000 HA does not support using the HA session-sync-dev option. Instead, session synchronization traffic uses the HA1 and HA2 interfaces, separating session sync traffic from data traffic

Connect the HA1 and HA2 interfaces for HA heartbeat communication

Connect the HA1 and HA2 interfaces for HA heartbeat communication

HA heartbeat communication between FortiGate-6000s happens over the 10Gbit HA1 and HA2 interfaces. To set up HA heartbeat connections:

  • Connect the HA1 interfaces of the two FortiGate-6000s together either with a direct cable connection, or using a switch.
  • Connect the HA2 interfaces in the same way.

Using separate connections for HA1 and HA2 is recommended for redundancy. Direct cable connections between the HA heartbeat interfaces is also recommended.

If you are using switches to connect the HA1 and HA2 interfaces, the switches need to be configured in trunk mode. It is also recommended that these switches be dedicated to HA heartbeat communication and not used for other traffic. But

You can use the same switch for both HA1 and HA2 as long as you separate the HA1 and HA2 traffic on the switch. To do this, enable trunk mode for the switch interfaces, and set the heartbeat traffic on the HA1 and HA2 Interfaces to have different VLAN IDs. See the following sections for information about the configuration options you can use to customize HA heartbeat packets to be compatible with different third-party switch configurations.

Note

FortiGate-6000 HA does not support using the HA session-sync-dev option. Instead, session synchronization traffic uses the HA1 and HA2 interfaces, separating session sync traffic from data traffic