HA configuration

System config

 

 

Cluster Members

When the cluster is operating, you can select Cluster Members to view the status of all FortiGate units in the cluster. Status information includes the cluster ID, status, up time, weight, and monitor information. For more information, see “To view the status of each cluster member” on page 95.

Mode

All members of the HA cluster must be set to the same HA mode.

Active-ActiveLoad balancing and failover HA. Each cluster unit actively processes connections and monitors the status of the other FortiGate units in the cluster. The primary FortiGate unit in the cluster controls load balancing among all of the cluster units.

Active-PassiveFailover HA. The primary FortiGate unit in the cluster processes all connections. All other FortiGate units in the cluster passively monitor the cluster status and remain synchronized with the primary FortiGate unit.

Group ID

The group ID range is from 0 to 63. All members of the HA cluster must have the same group ID.

When the FortiGate units in the cluster are switched to HA mode, all of the interfaces of all of the units in the cluster acquire the same virtual MAC address. This virtual MAC address is set according to the group ID. Table 3 lists the virtual MAC address set for each group ID.

Table 3: HA group ID and MAC address

Group ID

MAC Address

000-09-0f-06-ff-00

100-09-0f-06-ff-01

200-09-0f-06-ff-02

300-09-0f-06-ff-03

...

6300-09-0f-06-ff-3f

If you have more than one HA cluster on the same network, each cluster should have a different group ID. If two clusters on the same network have the same group ID, the duplicate MAC addresses cause addressing conflicts on the network.

Unit Priority

Optionally set the unit priority of the cluster unit. Each cluster unit can have a different unit priority (the unit priority is not synchronized among cluster members). During HA negotiation, the unit with the highest unit priority becomes the primary cluster unit. The unit priority range is 0 to 255. The default unit priority is 128.

86

01-28007-0068-20041203

Fortinet Inc.

Page 86
Image 86
Fortinet 100A manual Cluster Members, Mode, Unit Priority, HA group ID and MAC address Group ID MAC Address

100A specifications

Fortinet 100A is a versatile network security device designed to provide comprehensive protection against various cyber threats while ensuring optimal network performance. As part of the FortiGate series, the 100A combines advanced security features with powerful hardware capabilities, making it suitable for small to medium-sized businesses.

One of the key features of the Fortinet 100A is its deep packet inspection technology. This capability allows the firewall to analyze both the header and payload of packets traversing the network, enabling it to detect and block malicious content effectively. The 100A can identify and mitigate a wide range of threats, including malware, intrusions, and application-layer attacks.

The FortiOS operating system powers the Fortinet 100A, offering a robust and user-friendly interface for configuration and management. With its unified security management console, administrators can efficiently monitor network traffic and enforce security policies across the organization. The system provides centralized logging and reporting features, enabling users to gain valuable insights into their security posture and respond swiftly to incidents.

The 100A supports multiple deployment modes, including transparent, NAT, and route modes. This flexibility allows organizations to integrate the device into their existing network architecture with ease. The firewall's high throughput capabilities ensure that network performance remains unaffected, even under heavy load from multiple users and devices.

Another notable aspect of the Fortinet 100A is its support for various VPN technologies, including IPsec and SSL VPN. This feature facilitates secure remote access for employees, enabling them to connect to the corporate network safely, regardless of their location. As remote work continues to be a norm in many sectors, this capability is critical for maintaining productivity and security.

In addition to these features, the Fortinet 100A provides comprehensive web filtering capabilities, protecting users from harmful websites and inappropriate content. This protection is essential for organizations looking to maintain a secure and productive environment.

With its combination of powerful security features, flexible deployment options, and robust performance, the Fortinet 100A stands out as an ideal solution for organizations seeking to bolster their cybersecurity measures while ensuring seamless connectivity for users. As cyber threats continue to evolve, investing in a capable device like the FortiGate 100A is crucial for maintaining a secure network infrastructure.