Technical Tip: How do I convert a standalone FortiGate unit into a cluster?

Note: All FortiGate units have HA capabililties except the FortiGate-50A and 50AM.

Use the following steps to convert an already configured and installed FortiGate unit into a cluster by changing this FortiGateunit into a primary unit and adding subordinate units.

The new FortiGate unit must:

• Be the same FortiGate model as the original FortiGate unit.
• Have the same hard drive configuration as the original FortiGateunit.
• Be running the same firmware version and build as the original FortiGate unit.

  Configure the standalone FortiGate unit for HA

  1. Connect to the FortiGate unit web-based manager.
  2. Go to System> Config> HA.
  3. Configure the FortiGate unit for HA operation.
     Mode: Active-Active
     Group ID: (any number between 1 and 63)
     Unit Priority: 255 (Set a high priority so that this unit becomesthe primary unit.)
     Password: (enter and confirm a password of up to 15 characters)
     Schedule: Round-Robin (Keep default settings for all others.)
  4. Select Apply.
  5. Configure the new cluster unit with the same HA configuration asthe original FortiGate unit with two exceptions. Do not change theunit priority and do not select Override Master.
  6. If the original FortiGate unit was operating in Transparent mode,switch the new FortiGate unit to Transparent mode.
  7. Power off both FortiGate units. Connect the cluster to your network (see diagram).

      

  8. Turn on the FortiGate units.As the units start, they negotiate to choose the primary unit and thesubordinate unit. Because the original FortiGate unit has the highestunit priority and because you selected Override Master, the originalunit becomes the primary unit. Once the cluster is up and running theconfiguration of the primary unit is synchronized to the other cluster unit. This process occurs with no user intervention. When complete the cluster is configured for your network and no further configuration changes are required.