Managing the HA cluster

High availability

Table 16: execute ha synchronize keywords

Keyword       Description
config        Synchronize the FortiGate configuration. This includes normal system configuration, firewall configuration, VPN configuration and so on stored in the FortiGate configuration file.
avupd         Synchronize the antivirus engine and antivirus definitions received by the primary unit from the FortiResponse Distribution Network (FDN).
attackdef     Synchronize NIDS attack definition updates received by the primary unit from the FDN.
weblists      Synchronize web filter lists added to or changed on the primary unit.
emaillists    Synchronize email filter lists added to or changed on the primary unit.
resmsg        Synchronize replacement messages changed on the primary unit.
ca            Synchronize CA certificates added to the primary unit.
localcert     Synchronize local certificates added to the primary unit.
all           Synchronize all of the above.

Use the following procedure to make configuration changes to the primary FortiGate unit and then synchronize the configuration of the subordinate units.

1. Connect to the cluster and log into the web-based manager or CLI.

2. Make configuration changes as required.

3. Connect to the CLI of each of the subordinate units in the cluster.

   To connect to subordinate units, see “Managing individual cluster units” on page 89.

4. Use the execute ha synchronize command to synchronize the configuration of the subordinate unit.

5. Repeat steps 3 and 4 for all of the subordinate units in the HA cluster.

Returning to standalone configuration

Repeat this procedure for each FortiGate unit in the HA cluster. To return to standalone configuration:

1. Connect to the web-based manager.

2. Go to System > Config > HA.

3. Select Standalone Mode and select Apply.

The FortiGate unit exits from HA mode and returns to standalone mode.

Replacing a FortiGate unit after fail-over

A failover can occur due to a hardware or software problem. When a failover occurs, you can attempt to restart the failed FortiGate unit by cycling its power. If the FortiGate unit starts up correctly, it rejoins the HA cluster, which then continues to function normally. If the FortiGate unit does not restart normally or does not rejoin the HA cluster, you must take it out of the network and either reconfigure or replace it.

Once the FortiGate unit is reconfigured or replaced, change its HA configuration to match that of the FortiGate unit that failed and connect it back into the network. The reconnected FortiGate unit then automatically joins the HA cluster.

Fortinet Inc.

Fortinet 400 manual Returning to standalone configuration, Replacing a FortiGate unit after fail-over