Fortinet white logo
Fortinet white logo

FortiNAC Manager

9.4.0

High availability

High availability

Use the high availability view to add to and update high availability configuration information.

For details on implementing High Availability and its functionality, refer to the High Availability reference manual in the Document Library.

High Availability - FortiNACOS

High Availability - CentOS

Configure high availability
  1. Ensure that all appliances are keyed for high availability. See License management and check the high availability field.
  2. Click System > Settings.
  3. Expand the System Management folder.
  4. Select High Availability from the tree.
  5. Use the table below to enter the required information.
  6. Click Save Settings and wait for the success message.
  7. Restart FortiNAC services on both appliances to apply changes. See Power management.

Note

When you click Save Settings on the Administration - High Availability view, the primary server tries to communicate with the secondary to ensure that the database will be replicated. If the primary server cannot communicate with the secondary, it continues to try until communication is established.

Note

If you are configuring high availability in an environment where you have a FortiNAC Manager Control Server and an Application Server, additional fields are displayed to configure the two Application Servers.

Tooltip

Note: For steps to remove an existing High Availability configuration, refer to the Appendix of the High Availability reference manual in the Fortinet Document Library.

https://docs.fortinet.com/document/fortinac/9.4.0/high-availability

Settings

Field

Description

Shared IP configuration

Use Shared IP address

Enables the use of a shared IP address in the high availability configuration. If enabled, the administrator can manage whichever appliance that is in control with the shared IP address instead of the actual host IP address.

If your primary and secondary servers are not in the same subnet, do not use a shared IP address.

Shared IP address

The shared IP address for the high availability configuration. Added to the /etc/hosts file when the configuration is saved.

Shared Subnet Mask (bits)

The shared subnet mask in bits. For example, 255.255.255.0 = 24 bits.

Shared Host Name

Part of the entry in the /etc/hosts file for the shared IP address. Administrators can access the UI using either the shared IP address or the shared host name.

Server configuration

Primary Appliance

IP address: IP address assigned to eth0/port1 for the primary.

Gateway IP address: IP address pinged by the appliances to determine if network connectivity is still available.

CLI/SSH root Password [User:root]: Root password on the appliance itself. Allows settings to be written to the appliance.

Retype root CLI/SSH Password [User:root]: Retype the password entered in the CLI/SSH root Password field for confirmation.

Secondary Appliance

IP address: IP address assigned to eth0/port1 for the secondary.

Host Name: Name assigned to the secondary.

Gateway IP address: IP address that is pinged by the appliances to determine if network connectivity is still available.

CLI/SSH root Password [User:root]: Root password on the appliance itself. Allows settings to be written to the appliance.

Retype root CLI/SSH Password [User:root]: Retype the password entered in the CLI/SSH root Password field for confirmation.

High availability

High availability

Use the high availability view to add to and update high availability configuration information.

For details on implementing High Availability and its functionality, refer to the High Availability reference manual in the Document Library.

High Availability - FortiNACOS

High Availability - CentOS

Configure high availability
  1. Ensure that all appliances are keyed for high availability. See License management and check the high availability field.
  2. Click System > Settings.
  3. Expand the System Management folder.
  4. Select High Availability from the tree.
  5. Use the table below to enter the required information.
  6. Click Save Settings and wait for the success message.
  7. Restart FortiNAC services on both appliances to apply changes. See Power management.

Note

When you click Save Settings on the Administration - High Availability view, the primary server tries to communicate with the secondary to ensure that the database will be replicated. If the primary server cannot communicate with the secondary, it continues to try until communication is established.

Note

If you are configuring high availability in an environment where you have a FortiNAC Manager Control Server and an Application Server, additional fields are displayed to configure the two Application Servers.

Tooltip

Note: For steps to remove an existing High Availability configuration, refer to the Appendix of the High Availability reference manual in the Fortinet Document Library.

https://docs.fortinet.com/document/fortinac/9.4.0/high-availability

Settings

Field

Description

Shared IP configuration

Use Shared IP address

Enables the use of a shared IP address in the high availability configuration. If enabled, the administrator can manage whichever appliance that is in control with the shared IP address instead of the actual host IP address.

If your primary and secondary servers are not in the same subnet, do not use a shared IP address.

Shared IP address

The shared IP address for the high availability configuration. Added to the /etc/hosts file when the configuration is saved.

Shared Subnet Mask (bits)

The shared subnet mask in bits. For example, 255.255.255.0 = 24 bits.

Shared Host Name

Part of the entry in the /etc/hosts file for the shared IP address. Administrators can access the UI using either the shared IP address or the shared host name.

Server configuration

Primary Appliance

IP address: IP address assigned to eth0/port1 for the primary.

Gateway IP address: IP address pinged by the appliances to determine if network connectivity is still available.

CLI/SSH root Password [User:root]: Root password on the appliance itself. Allows settings to be written to the appliance.

Retype root CLI/SSH Password [User:root]: Retype the password entered in the CLI/SSH root Password field for confirmation.

Secondary Appliance

IP address: IP address assigned to eth0/port1 for the secondary.

Host Name: Name assigned to the secondary.

Gateway IP address: IP address that is pinged by the appliances to determine if network connectivity is still available.

CLI/SSH root Password [User:root]: Root password on the appliance itself. Allows settings to be written to the appliance.

Retype root CLI/SSH Password [User:root]: Retype the password entered in the CLI/SSH root Password field for confirmation.