Created on 08-04-2022 08:34 AM Edited on 02-20-2024 03:04 AM By Jean-Philippe_P
Description
This article explains how to configure and troubleshoot issues with FortiAnalyzer HA.
Scope
FortiAnalyzer.
Solution
Pre-request:
Sample Diagram with Port & IP Configuration:
Note: Virtual IP should be the same in both Primary and Secondary devices.
On FortiAnalyzer-Primary device:
System Settings -> HA -> Operation mode select 'High Availability'.
Configure the following details:
Preferred Role: Primary.
Cluster Virtual IP:
Interface: port1.
IP Address: 10.109.21.123 (make sure this IP is not used in the network).
Cluster Settings:
Peer IP: 10.123.5.198 (Secondary FortiAnalyzer IP address).
Peer SN: FAZVMXXXXXX (Secondary FortiAnalyzer Serial Number).
Group Name: HA (Any name can be given, but should be the same on Pri & Sec).
Group ID: 9 (Any number (1-255) can be given, should be the same on Pri & Sec).
Password: Fortinet@123 (Can give any password, but should be the same on Pri & Sec).
Heart Beat Interval: 1.
Priority: 120 (Higher Value states as Primary device).
Log Data Sync: Enable the toggle option.
On FortiAnalyzer-Secondary device:
System Settings -> HA -> Operation mode select 'High Availability'.
Configure the following details:
Preferred Role: Secondary.
Cluster Virtual IP:
Interface: port1.
IP Address: 10.109.21.123 (make sure this IP is not used in the network).
Cluster Settings:
Peer IP: 10.123.5.189 (Secondary FortiAnalyzer IP address).
Peer SN: FAZVMXXXXXX (Secondary FortiAnalyzer Serial Number).
Group Name: HA (Any name can be given, but should be the same on Pri & Sec).
Group ID: 9 (Any number (1-255) can be given, should be the same on Pri & Sec).
Password: Fortinet@123 (Can give any password, but should be the same on Pri & Sec).
Heart Beat Interval: 1.
Priority: 100 (Lower Value states as Secondary device).
Log Data Sync: Enable the toggle option.
After configuring Primary & Secondary this output on GUI can be seen.
Troubleshooting Commands:
On Primary-FortiAnalyzer:
diag ha status
get system ha
On Secondary-FortiAnalyzer:
diag ha status
get system ha
With these 2 commands, troubleshoot the status and the configured values for FortiAnalyzer-HA.
Restart the Cluster Process and collect its debug output:
After checking the configuration settings, restart the clustering process on both Primary & Secondary devices.
diagnose test application clusterd 1
diagnose test application clusterd 99
Also, collect the cluster debug output on both Primary & Secondary devices.
diagnose debug application clusterd 255
diagnose debug enable
Related Documents:
Setting up a FortiAnalyzer HA cluster
Technical Tip: How to configure FortiAnalyzer HA instance in Google Cloud Platform (GCP)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.