Filter
Top Products
High availability Managing an HA cluster
FortiGate-800 Installation and Configuration Guide 79
You can also use SNMP to manage the cluster by configuring a cluster interface for
SNMP administrative access. Using an SNMP manager you can get cluster
configuration information and receive traps.
You can change the cluster configuration by connecting to the cluster and changing
the configuration of the primary FortiGate unit. The cluster automatically synchronizes
all configuration changes to the subordinate units in the cluster as the changes are
made.
The only configuration change that is not synchronized is the FortiGate host name.
You can give each cluster unit a unique host name to help to identify cluster members.
For information about changing the host name of cluster members, see “Changing
cluster unit host names” on page 84.
You can use the web-based manager to monitor the status and logs of individual
cluster members. See “Monitoring cluster members” on page 80 and “Viewing and
managing cluster log messages” on page 82.
You can manage individual cluster units by using SSH to connect to the CLI of the
cluster. From the CLI you can use the execute ha manage command to connect to
the CLI of each unit in the cluster. You can also manage individual cluster units by
using a null-modem cable to connect to the primary cluster unit. From there you can
also use the execute ha manage command to connect to the CLI of each unit in the
cluster. See “Managing individual cluster units” on page 83 for more information.
This section describes:
• Configuring cluster interface monitoring
• Viewing the status of cluster members
• Monitoring cluster members
• Viewing cluster sessions
• Viewing and managing cluster log messages
• Monitoring cluster units for failover
• Viewing cluster communication sessions
• Managing individual cluster units
• Changing cluster unit host names
• Synchronizing the cluster configuration
• Upgrading firmware
• Replacing a FortiGate unit after failover
Configuring cluster interface monitoring
Monitor FortiGate interfaces to make sure that they are functioning properly and that
they are connected to their networks. If a monitored interface fails or is disconnected
from its network, the FortiGate unit stops processing traffic and is removed from the
cluster. If you can re-establish traffic flow through the interface (for example, if you
reconnect a disconnected network cable) the FortiGate unit rejoins the cluster.
Note: You cannot connect to the HA interfaces to manage the cluster or to manage individual
FortiGate units in the cluster.