Fortinet black logo

SD-WAN Orchestrator 6.4.1 r7 Administration Guide

Adding model devices in HA clusters

6.4.6
Copy Link
Copy Doc ID 6173f038-d5de-11eb-97f7-00505692583a:869867
Download PDF

Adding model devices in HA clusters

SD-WAN Orchestrator MEA supports active-passive (AP) HA mode, and the FortiGates in the cluster must be the same type of model.

You can add two or more offline FortiGate devices to a high availability (HA) cluster by using the device serial numbers. When you add model devices to SD-WAN Orchestrator MEA, the model devices are added to FortiManager too.

Interfaces for the HA cluster are defined in profiles, and you select a profile when you add model devices to SD-WAN Orchestrator MEA.

If you choose a profile without HA interface definitions, default ports are used.

To add model devices to HA clusters:
  1. Ensure that you have created profiles for HA devices. See Creating profiles for HA devices.
  2. Go to Configuration > Device.
  3. In the Device menu, select + Model Device.

    The + Model Device dialog box opens.

  4. Configure the following settings for the primary device and cluster:

    Option

    Description

    Serial Number

    Enter the serial number for the primary device in the HA cluster.

    Device Name Enter a name for the primary device.
    Host Name Not available when HA Mode is set to AP.
    Type The model is displayed after you enter the device serial number.
    Profile Name Select a profile for HA devices from the dropdown, or click Create to create a new profile.
    Region Select a region from the dropdown, or click Create Region to create a new region.
    First Online Action

    Specify how to manage device configuration when the device comes online for the first time. Choose from:

    • NONE: Select to disable automatic configuration action. Instead you can manually initiate configuration installation after adding the device to SD-WAN Orchestrator MEA.
    • RETRIEVE_CONFIG: Select to import some of the configuration settings from the device when the device comes online for the first time. Settings such as host name, WAN port, WAN port IP, LAN/DMZ port, and static route are imported. WAN and LAN settings from the imported configuration automatically override the assigned WAN and LAN settings from the SD-WAN Orchestrator MEA profile. You should use the profile to assign additional settings.
    • SYNC_CONFIG: Select to install the SD-WAN Orchestrator MEA configuration associated with the profile when the device comes online for the first time.

    Enforce Firmware Version

    (Optional) Select the required FortiOS version for the device when it comes online.

    Password

    The Password option is displayed after the device serial number is added and recognized.

    Specify how to handle the device password. Choose from:

    • No change: Keep the original password of the newly added device.
    • Manual: Specify the password of the device.
    • Auto: Generate a random password for the device automatically. Click the eye icon to view the password.

    HA Mode

    Select STANDALONE to disable HA mode.

    Select AP to enable active-passive HA mode.

    Cluster Name

    Available when HA Mode is set to AP.

    Type a name for the HA cluster. Minimum length is 1 character, and maximum length is 21 characters. The #,(,) characters are not supported.

    HA Password

    (Optional) Available when HA Mode is set to AP.

    Specify a password for the HA cluster. Maximum length is 128 characters.

    Priority

    Type a high number between 0-255 to set the priority for the primary HA member.

    HA Secondaries

    Available when HA Mode is set to AP.

    Click Add to add a secondary model device to the HA cluster by serial number.

    In the SerialNumber #1 box, type the serial number for the FortiGate device in the HA cluster. It should be the same type of serial number as the primary FortiGate in the HA cluster.

    In the Priority box, type the priority restriction for the device in the HA cluster. Type a number between 0 and 255.

  5. Under HA Secondaries, add one or more secondary devices.
    1. Click +Add.

      A row of options for the first secondary device is displayed.

    2. In the SerialNumber #1 box, type the serial number for a secondary device in the HA cluster.
    3. In the Priority box, type a number between 0-255 that is lower than the priority for the primary device.

      Configuration of the secondary device is complete.

    4. (Optional) Click +Add to add and configure another secondary device.
  6. Click OK.

Adding model devices in HA clusters

SD-WAN Orchestrator MEA supports active-passive (AP) HA mode, and the FortiGates in the cluster must be the same type of model.

You can add two or more offline FortiGate devices to a high availability (HA) cluster by using the device serial numbers. When you add model devices to SD-WAN Orchestrator MEA, the model devices are added to FortiManager too.

Interfaces for the HA cluster are defined in profiles, and you select a profile when you add model devices to SD-WAN Orchestrator MEA.

If you choose a profile without HA interface definitions, default ports are used.

To add model devices to HA clusters:
  1. Ensure that you have created profiles for HA devices. See Creating profiles for HA devices.
  2. Go to Configuration > Device.
  3. In the Device menu, select + Model Device.

    The + Model Device dialog box opens.

  4. Configure the following settings for the primary device and cluster:

    Option

    Description

    Serial Number

    Enter the serial number for the primary device in the HA cluster.

    Device Name Enter a name for the primary device.
    Host Name Not available when HA Mode is set to AP.
    Type The model is displayed after you enter the device serial number.
    Profile Name Select a profile for HA devices from the dropdown, or click Create to create a new profile.
    Region Select a region from the dropdown, or click Create Region to create a new region.
    First Online Action

    Specify how to manage device configuration when the device comes online for the first time. Choose from:

    • NONE: Select to disable automatic configuration action. Instead you can manually initiate configuration installation after adding the device to SD-WAN Orchestrator MEA.
    • RETRIEVE_CONFIG: Select to import some of the configuration settings from the device when the device comes online for the first time. Settings such as host name, WAN port, WAN port IP, LAN/DMZ port, and static route are imported. WAN and LAN settings from the imported configuration automatically override the assigned WAN and LAN settings from the SD-WAN Orchestrator MEA profile. You should use the profile to assign additional settings.
    • SYNC_CONFIG: Select to install the SD-WAN Orchestrator MEA configuration associated with the profile when the device comes online for the first time.

    Enforce Firmware Version

    (Optional) Select the required FortiOS version for the device when it comes online.

    Password

    The Password option is displayed after the device serial number is added and recognized.

    Specify how to handle the device password. Choose from:

    • No change: Keep the original password of the newly added device.
    • Manual: Specify the password of the device.
    • Auto: Generate a random password for the device automatically. Click the eye icon to view the password.

    HA Mode

    Select STANDALONE to disable HA mode.

    Select AP to enable active-passive HA mode.

    Cluster Name

    Available when HA Mode is set to AP.

    Type a name for the HA cluster. Minimum length is 1 character, and maximum length is 21 characters. The #,(,) characters are not supported.

    HA Password

    (Optional) Available when HA Mode is set to AP.

    Specify a password for the HA cluster. Maximum length is 128 characters.

    Priority

    Type a high number between 0-255 to set the priority for the primary HA member.

    HA Secondaries

    Available when HA Mode is set to AP.

    Click Add to add a secondary model device to the HA cluster by serial number.

    In the SerialNumber #1 box, type the serial number for the FortiGate device in the HA cluster. It should be the same type of serial number as the primary FortiGate in the HA cluster.

    In the Priority box, type the priority restriction for the device in the HA cluster. Type a number between 0 and 255.

  5. Under HA Secondaries, add one or more secondary devices.
    1. Click +Add.

      A row of options for the first secondary device is displayed.

    2. In the SerialNumber #1 box, type the serial number for a secondary device in the HA cluster.
    3. In the Priority box, type a number between 0-255 that is lower than the priority for the primary device.

      Configuration of the secondary device is complete.

    4. (Optional) Click +Add to add and configure another secondary device.
  6. Click OK.