Fortinet 400 manual Advanced HA options, Selecting a FortiGate unit to a permanent primary unit

Advanced HA options

The following advanced HA options are available from the FortiGate CLI:

•Selecting a FortiGate unit to a permanent primary unit

•Configuring weighted-round-robin weights

Selecting a FortiGate unit to a permanent primary unit

In a typical FortiGate cluster configuration, the primary unit selection process is automatic. The primary unit can be different each time the cluster starts up. In addition the unit functioning as the primary unit can change from time to time (for example, if the current primary unit restarts, one of the other units in the cluster replaces it as the primary unit).

In some situations, you may want to control which unit becomes the primary unit. You can configure a FortiGate unit to become the permanent primary unit by changing the priority of this unit and configuring it to override any other primary unit.

When FortiGates units in a cluster are negotiating to be the primary unit, the one with the lowest priority always becomes the primary unit. If two units have the same priority, the standard negotiation process is used to select the primary unit.

To configure a FortiGate unit to be the permanent primary unit in an HA cluster:

1Connect to the CLI of the permanent primary FortiGate unit.

2Set the priority of the permanent primary unit. Enter:

set system ha priority <priority_int>

Where <priority_int> is the priority to set for the permanent primary unit. The unit with the lowest priority becomes the primary unit. The default priority is 128. Set the priority of the permanent primary unit to a number lower than 128.

For example, to set the priority of the permanent primary unit to 10, enter the command:

set system ha priority 10

3Make sure the priorities of all of the other units in the cluster are higher than the priority of the permanent primary unit.

The command get system ha mode displays the current priority of the FortiGate unit that you are connected to.

4Configure the permanent primary unit to override an existing primary unit when it joins the cluster. Use the following command to configure primary unit override:

set system ha override enable

Enable override so the that the permanent primary unit will always override any other primary unit. For example, if the permanent primary unit shuts down, one of the other units in the cluster replaces it as the primary unit. When the permanent primary unit is restarted, it can become the primary unit again only if override is enabled.