Fortinet FortiGate-800 manual Advanced HA options, Replacing a FortiGate unit after failover

Replacing a FortiGate unit after failover

A failover can occur because of a hardware or software problem. When a failover occurs, you can attempt to restart the failed FortiGate unit by cycling its power. If the FortiGate unit starts up correctly, it rejoins the HA cluster, which then continues to function normally. If the FortiGate unit does not restart normally or does not rejoin the HA cluster, you must take it out of the network and either reconfigure or replace it.

Once the FortiGate unit is reconfigured or replaced, change its HA configuration to match the FortiGate unit that failed and reconnect it to the network. The reconnected FortiGate unit then automatically joins the HA cluster.

Advanced HA options

You can configure the following advanced HA options using the FortiGate CLI:

•Selecting a FortiGate unit as a permanent primary unit

•Configuring the priority of each FortiGate unit in the cluster

•Configuring weighted-round-robin weights

Selecting a FortiGate unit as a permanent primary unit

In a typical FortiGate cluster configuration, the primary unit is selected automatically. In some situations, you might want to control which unit becomes the primary unit. You can select a FortiGate unit as the permanent primary unit by changing its priority and configuring it to override any other primary unit.

To select a permanent primary unit

1Connect to the CLI of the FortiGate unit that you want to become the permanent primary unit.

2Set the priority of the permanent primary unit. Enter: set system ha priority <priority_int>

Where <priority_int> is the priority to set for the permanent primary unit. The unit with the lowest priority becomes the primary unit. The default priority is 128. Set the priority of the permanent primary unit to a number lower than 128.

For example, to set the priority of the permanent primary unit to 10, enter the command:

set system ha priority 10

3Make sure that the priority of all the other units in the cluster is higher than the priority of the permanent primary unit.

The command get system ha mode displays the current priority of the FortiGate unit that you are connected to.

4Configure the permanent primary unit to override an existing primary unit when it joins the cluster. Use the following command to configure primary unit override: