Setting up failover ospf routing on Fortigate
I’ve put together a small guide for setting up two Fortigates with failover ospf routing. This example is based on a small lab, but you can easily adapt it to your own environment. This is the scenario: In this scenario we want the 100Mb line to be prioritized. Start of with setting up the two Fortigates with ip-adresses as shown. Also make sure to create firewall rules for traffic from internal to wan1 and wan2 and back (make sure not to enabel NAT). Then you have to enter the following config to enable ospf: On FGT1: config router ospf config area edit 0.0.0.0 next end config network edit 1 set prefix 0.0.0.0 0.0.0.0 next end config ospf-interface edit “wan1” set cost 2 set interface “wan1” next edit “wan2” set interface “wan2” next end config redistribute “connected” end config redistribute “static” end config redistribute “rip” end config redistribute “bgp” end set…
Setting up Fortigate units in HA
Setting up an HA cluster on Fortigate devices is surprisingly easy, heres a short little guide: Set up the first Fortigate the way you want it (or perhaps you already have one in you environment). Then click on configure, next to HA Status on the main page. Type in the name and password for the HA group you want to create. Choose which interfaces you want the heartbeat to be sent over (I recommend at least to interfaces, one of them being dedicated to heartbeat). Also choose what kind of cluster you want (active-active, active-passive). Connect the new Fortigate (reset it to factory defaults if not already done). Repeat the previous steps for the new Fortigate, typen in the same group name and password. Connect the cables and in a few minutes the two Fortigate units will start to exchange configs. You can review the status from the main page.…