• All Files

Home > Online Help

Virtual cluster

If VDOM (virtual domain) is enabled on a cluster operating Transparent Mode, HA Virtual Clustering can be configured in active-passive mode.

This will provide:

• Failover protection between two instances of a VDOM operating on two different FortiGate in the cluster.
• Load balancing between the FortiGate units on a per-VDOM basis.

The roles have been defined such as, in normal operation:

• FortiGate1 is Master for Vdom1 and Slave for Vdom2
• FortiGate2 is Master for Vdom2 and Slave for Vdom1

In case of a failure or reboot of a FortiGate, the remaining unit will become Master for Vdom1 and Vdom2.

The VDOMs given in this example are showing physical ports but a VDOM can also include VLAN interfaces.

The L2 connectivity between the FortiGate is showing 4 separate L2 switches, but it could also be one single switch one each side configured with appropriate VLANs.

Configuration example

• FortiGate1:

FGT1 (global) # show system ha

 

config system ha

set mode a-p

set hbdev "port5" 0 "port6" 0

set vcluster2 enable

set override disable

set priority 200

config secondary-vcluster

set override enable

set priority 100

set vdom "Vdom2"

end

end

 

• FortiGate2:

FGT2 (global) # show system ha

 

config system ha

set mode a-p

set hbdev "port5" 0 "port6" 0

set vcluster2 enable

set override disable

set priority 200

config secondary-vcluster

set override enable

set priority 100

set vdom "Vdom2"

end

end