Azure Fortigate Virtual Server Active Passive HA failover #270

Open
agyss opened this issue Oct 1, 2024 · 2 comments

Comments

@agyss

agyss commented Oct 1, 2024

I could not find any information on how to adapt the virtual server IP in case of a failover from active to passive in Terraform.

My scenario is that I have an active-passive HA setup in Azure, with a management interface, HA ports and public/private ports.
When setting up the virtual server, the private IP it receives on the active FortiGate must be assigned to it. However, in case of a failover as in the templates here, the public IP is reassigned to a predefined ip-config, so another private IP - resulting in the virtual server becoming unreachable.

For the virtual server to keep working, I would need to specify the public IP there (which didn't work for me) or adjust its private IP in case of a failover, which I could not find a means to do.

Did I miss something, or is this not supported?

@agyss
Author

agyss commented Oct 1, 2024

Another way could be to configure one virtual server which only works on the (default) primary and the (default) failover instance. Unfortunately, from the list of ha-synced objects (https://community.fortinet.com/t5/FortiGate/Technical-Tip-HA-FortiGate-configurations-that-will-sync-and/ta-p/216710) this would create both virtual servers on both VMs, making it not very nice.

@mobilesuitzero
Collaborator

During failover, the public IP is moved from the primary to the secondary, but not the private IP address assigned to the instance in Azure.
Hence, in this case, you need to put the VIP setting in the vdom-exception, and the user would need to configure those settings separately on each unit, because the private IP addresses (extip) are different for each instance.
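
A sketch of the per-unit configuration described in the reply above, added here as an illustration and not posted by any participant in the thread or taken from the project's templates. The VIP name, interface name, ports and all IP addresses are constructed placeholders; substitute the private IPs that Azure assigns to each instance's external NIC.

```fortios
# Exclude firewall VIP objects from HA configuration sync.
config system vdom-exception
    edit 1
        set object firewall.vip
    next
end

# --- Primary unit only ---
# extip = private IP of the primary's external NIC (placeholder: 10.0.1.4)
config firewall vip
    edit "web-vip"
        set extintf "port1"
        set extip 10.0.1.4
        set mappedip "10.0.2.10"
        set portforward enable
        set extport 443
        set mappedport 443
    next
end

# --- Secondary unit only ---
# Same object name, but extip = private IP of the secondary's external NIC
# (placeholder: 10.0.1.5), which is where the public IP lands after failover.
config firewall vip
    edit "web-vip"
        set extintf "port1"
        set extip 10.0.1.5
        set mappedip "10.0.2.10"
        set portforward enable
        set extport 443
        set mappedport 443
    next
end
```

Keeping the VIP name identical on both units lets the synchronized firewall policies, which reference the VIP by name, resolve on whichever unit is active. Because the VIP is no longer synced, any later change to it (ports, mapped server) has to be applied on both units, or the exposed service will differ after a failover.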
