cluster active standby firewalls FortiGate and IF-management example-config
13.12 2019 | by massimilianoCluster FW di riferimento: FG1 config system ha set mode a-p set hbdev “port31” 0 “port32” […]
https://www.ingegnerianetworking.com/wp-content/uploads/2019/12/cluster-fw-fortigate-60a.png
Cluster FW di riferimento:
FG1
config system ha |
set mode a-p |
set hbdev “port31” 0 “port32” 0 |
set session-pickup enable |
set override disable |
set priority 255 |
set monitor “IF_A” “IF_B” |
end |
!
FG2
config system ha |
set mode a-p |
set hbdev “port31” 0 “port32” 0 |
set session-pickup enable |
set override disable |
set monitor “IF_A” “IF_B” |
end |
Esempio di configurazione management OOB
FG1
config system interface
edit “mgmt1”
set ip < ip address_mngt_FW-1 > < subnet mask >
set allowaccess ping https ssh http fgfm
set type physical
set dedicated-to management
end
!
config system dedicated-mgmt
set status enable
set interface “mgmt1”
set default-gateway < ip address gateway >
end
!
config system ha
set group-name < name >
set mode a-p
set ha-mgmt-status enable
set ha-mgmt-interface “mgmt1”
set ha-mgmt-interface-gateway < ip address gateway >
end
!
FG2
config system interface
edit “mgmt1”
set ip < ip address_mngt_FW-2 > < subnet mask >
set allowaccess ping https ssh http fgfm
set type physical
set dedicated-to management
end
!
config system dedicated-mgmt
set status enable
set interface “mgmt1”
set default-gateway < ip address gateway >
end
!
config system ha
set group-name < name >
set mode a-p
set ha-mgmt-status enable
set ha-mgmt-interface “mgmt1”
set ha-mgmt-interface-gateway < ip address gateway >
end
!