Fortinet Document Library

Version:

Version:


Table of Contents

Administration Guide

Download PDF
Copy Link

High availability

Use the high availability view to add to and update high availability configuration information.

Use the Configuration Wizard to complete the initial configuration for each appliance. See the Appliance Installation Guide that came with the hardware for instructions on using the Configuration Wizard. See the for additional information on configuring appliances for a high availability environment.

Configure high availability

  1. Ensure that all appliances are keyed for high availability. See License management and check the high availability field.
  2. Click System > Settings.
  3. Expand the System Management folder.
  4. Select High Availability from the tree.
  5. Use the table below to enter the required information.
  6. Click Save Settings and wait for the success message.
Note

When you click Save Settings on the Administration - High Availability view, the primary server tries to communicate with the secondary to ensure that the database will be replicated. If the primary server cannot communicate with the secondary, it continues to try until communication is established.

Note

If you are configuring high availability in an environment where you have a FortiNAC Control Server and an Application Server, additional fields are displayed to configure the two Application Servers.

Tooltip

Note: For steps to remove an existing High Availability configuration, refer to the Appendix of the High Availability reference manual in the Fortinet Document Library.

https://docs.fortinet.com/document/fortinac/8.3.0/high-availability

Settings

Field

Description

Shared IP configuration

Use Shared IP address

Enables the use of a shared IP address in the high availability configuration. If enabled, the administrator can manage whichever appliance that is in control with the shared IP address instead of the actual host IP address.

If your primary and secondary servers are not in the same subnet, do not use a shared IP address.

Shared IP address

The shared IP address for the high availability configuration. Added to the /etc/hosts file when the configuration is saved.

Shared Subnet Mask (bits)

The shared subnet mask in bits. For example, 255.255.255.0 = 24 bits.

Shared Host Name

Part of the entry in the /etc/hosts file for the shared IP address. Administrators can access the UI using either the shared IP address or the shared host name.

Server configuration

Primary Appliance

IP address: IP address assigned to eth0 for the primary.

Gateway IP address: IP address pinged by the appliances to determine if network connectivity is still available.

CLI/SSH root Password [User:root]: Root password on the appliance itself. Allows settings to be written to the appliance.

Retype root CLI/SSH Password [User:root]: Retype the password entered in the CLI/SSH root Password field for confirmation.

Secondary Appliance

IP address: IP address assigned to eth0 for the secondary.

Host Name: Name assigned to the secondary.

Gateway IP address: IP address that is pinged by the appliances to determine if network connectivity is still available.

CLI/SSH root Password [User:root]: Root password on the appliance itself. Allows settings to be written to the appliance.

Retype root CLI/SSH Password [User:root]: Retype the password entered in the CLI/SSH root Password field for confirmation.

High availability

Use the high availability view to add to and update high availability configuration information.

Use the Configuration Wizard to complete the initial configuration for each appliance. See the Appliance Installation Guide that came with the hardware for instructions on using the Configuration Wizard. See the for additional information on configuring appliances for a high availability environment.

Configure high availability

  1. Ensure that all appliances are keyed for high availability. See License management and check the high availability field.
  2. Click System > Settings.
  3. Expand the System Management folder.
  4. Select High Availability from the tree.
  5. Use the table below to enter the required information.
  6. Click Save Settings and wait for the success message.
Note

When you click Save Settings on the Administration - High Availability view, the primary server tries to communicate with the secondary to ensure that the database will be replicated. If the primary server cannot communicate with the secondary, it continues to try until communication is established.

Note

If you are configuring high availability in an environment where you have a FortiNAC Control Server and an Application Server, additional fields are displayed to configure the two Application Servers.

Tooltip

Note: For steps to remove an existing High Availability configuration, refer to the Appendix of the High Availability reference manual in the Fortinet Document Library.

https://docs.fortinet.com/document/fortinac/8.3.0/high-availability

Settings

Field

Description

Shared IP configuration

Use Shared IP address

Enables the use of a shared IP address in the high availability configuration. If enabled, the administrator can manage whichever appliance that is in control with the shared IP address instead of the actual host IP address.

If your primary and secondary servers are not in the same subnet, do not use a shared IP address.

Shared IP address

The shared IP address for the high availability configuration. Added to the /etc/hosts file when the configuration is saved.

Shared Subnet Mask (bits)

The shared subnet mask in bits. For example, 255.255.255.0 = 24 bits.

Shared Host Name

Part of the entry in the /etc/hosts file for the shared IP address. Administrators can access the UI using either the shared IP address or the shared host name.

Server configuration

Primary Appliance

IP address: IP address assigned to eth0 for the primary.

Gateway IP address: IP address pinged by the appliances to determine if network connectivity is still available.

CLI/SSH root Password [User:root]: Root password on the appliance itself. Allows settings to be written to the appliance.

Retype root CLI/SSH Password [User:root]: Retype the password entered in the CLI/SSH root Password field for confirmation.

Secondary Appliance

IP address: IP address assigned to eth0 for the secondary.

Host Name: Name assigned to the secondary.

Gateway IP address: IP address that is pinged by the appliances to determine if network connectivity is still available.

CLI/SSH root Password [User:root]: Root password on the appliance itself. Allows settings to be written to the appliance.

Retype root CLI/SSH Password [User:root]: Retype the password entered in the CLI/SSH root Password field for confirmation.