|
|
FortiBridge operating principles | Example FortiGate HA cluster FortiBridge application |
Example FortiGate HA cluster FortiBridge application
A FortiBridge unit can provide fail open protection for a FortiGate HA cluster operating in transparent mode in much the same way as for a standalone FortiGate unit. To provide fail open protection for an HA cluster, connect the FortiBridge unit to the switches that connect the internal and external interfaces of the cluster. Use the following steps to connect a FortiBridge unit to the HA cluster, as shown in Figure 7:
Figure 7: FortiBridge unit providing fail open protection for a FortiGate HA cluster
(Normal mode) |
| |
Internal network |
|
|
INT 1 | EXT 1 | Internet |
INT 2 | EXT 2 | Router |
Internal | External | Probe packets |
|
| |
| HA cluster |
|
(Transparent mode)
The network configuration and FortiBridge configuration are the same for a cluster and for a standalone FortiGate unit. In normal mode, packets pass through the FortiBridge unit and through the FortiGate HA cluster and back through the FortiBridge unit. For the cluster to process this traffic, you must add
Internal
The connection procedure is different depending on whether the FortiBridge unit uses copper gigabit ethernet network connections or fiber gigabit ethernet network connections. This section includes the following connection procedures:
•Connecting the
•Connecting the
Connecting the FortiBridge-1000 (copper gigabit ethernet)
The
Note: Normally, you would use
FortiBridge Version 3.0 Administration Guide | 15 |
