Sounds like you have just been through a rough day. Cheer up Mike, we do like your videos. 😉

Great to see that you are back at last. 😊

The GOAT of FortiGate tutorials

I have a pair of 500D and 300D FortiGate firewalls. Each pair are in HA. Definitely nice to have in the enterprise! I'm planning on introducing a pair of 1024D's and hopefully utilize MC-LAG

Missed your videos. Looking forward to more in the near future.

Great as always!

Thanks for this, Mike! Been very curious about the process for this for some time, but haven't had two forti's to do this with or had anyone to watch do this.

Wicked Video Mike, I did a HA setup too with my 61e's & pair of Cisco 24 port Switches :) Keep these videos coming !

I have a pair of 601E at data center and corporate office. Both using HA setup. Although I am not using two Fortinet switches as HA. They're configured with a group of 4 ports VLANs to handle the WAN, LAN, VOIP and DMZ. It's not ideal but it makes moving the physical cables from one switch to another easy if one should die. I also have a third switch as a cold spare in the rack. I did the same thing with the WatchGuards before we moved to Fortinet products. Some ISP providers will give you two WAN drops for your HA setup. I agree on using active and passive in the HA cluster so you don't get into a pinch about performance if you need to do maintenance or one should die. There is one thing I did like about the WatchGuard's license policy for active / passive setup is that you only need live security on both devices. IPS and other licensed services are only required on the active device.

Recently configured two Fortigates 200Fin HA and two Fortiswitch 524D as core with MCLAG ICL, then a buch of 148Fs hanging from the latter for edge switching

I love Fortigate because is extremely simple and extremely clear (best GUI) vs Palo Alto, SRX and so on. Team from Fortinet does good work.

Could you do a video on transitioning from static routing to dynamic routing like OSPF? I'm sure lots of people start out on entirely static routes then reach a scale where it becomes a pain to manage. I'm interested in the specifics on how the static routing will interact with the dynamic routes during the transition. Asking for a friend. 😉

Excellent tank you :)................

Tight! Tight!! TY

Would like to make a request: Can you do a video setting up two AP's as a bridge, connecting two FSW together with fortilink and multiple vlan operation? This configuration is stumping the fortinet engineers!

gracias Genio!!!

I find your content very helpful, the only thing that would help is if you could speak a bit more loudly or add a bit more volume to the audio for sometimes it's difficult to understand clearly what you are saying. Thanks and keep them coming.👍

Great

Gave you credit with corporate armor for the whole new network I just bought. I'd love to get another 601 so I could do ha but the budget just isn't there unfortunately

1 - What options should we enable on the CLI to have a smooth failover? 2 - Can you do a video on using a firewall as layer 2, and maybe touch on how this works in a cluster?

thanks well legend

Good video! Could you please make a video of a deep dive into the HA options such as monitoring ports and manual failover and failback? Maybe you could show HA status in the cli too. You could show how an firmware update works with HA.

Thanks for doing those Videos, they are very good. i have a question about "port channel" can we create port channel two cables between the FortiGate1 going one cable to the Fortiswitch1 and the other fortiSwitch2: doing the same with FortiGate2?

The only firewall I know is Sophos XG and now XGS. I configured HA for a client that is a 24/7 company with 7 warehouses and it was easy and it worked as expected. I have always been intrigued by FortiGate. Which is better?

Well it all look easy for you... I never did a irl setup so far ..hope I will be successful 🤞.. being a fresher in this field without any support..it feels so difficult 😭

Would have been good to discuss session pickup more, what types of sessions can and can't be failed over and other ideas like that. I would also like to know more about active active, any chance of ajother HA video mate?

That mac address story remind me of that day when I installed Fortigate cluster in a data center where another client had already another Fortigate cluster. We were both connected to the same datacenter internet provider switch and obviously spoofing the same mac address...

A while back I added MCLAG and you mentioned it, any plans to make a video on that. Also have a NAC deployment and was wondering if you had plans to make a video for pointers, maybe I missed something, maybe I missed a lot.

Hey...have a doubt here.... Did you get a chance to check the CAM LAN switch where the secondary ports sre connected? They do not populate physical mac address of the Fortigate nic.... wanted to understand the concept

Guru, I'm having a really hard time finding a way to build a whitelist in fortiOS 7.0.2, could you make a video talking about white and blacklist rules? how to build it properly? I've been researching reddit and forti cookbock but I just can't figure out what I'm doing wrong. love your videos I learned a lot from you keep it up !!

Hi Mike, new to fortigate fw I recently watched your video about firmware upgrades and your three rules.. I Would really like to use video content filtering but its only included in V7 and not V6.4.6 So I guess my question is for new out of the box setup is it save/advisable to upgrade to newer firmware's and when do you bite the bullet to do upgrades in production? EXAMPLE: GA minus 2 versions Thanks

13:03 i was wondering, if there isn't a DHCP, how they are going to get a new management IP? and can we do it through cli?

Hello, can you explain more why the frotigate is degraded when primary/slave failed in active-active setup?

Set this up about 6 months ago with 101F Frotigates and 124F FortiSwitches. Opted for the FortiLink Split interfaces. Probably more of a pain than I needed to go through. Had one switch drop offline and needed a hard reboot to get it going again. Never did find the root cause.

How about fortigate vs multiple switches session? Thanks.

My experience, is that HA makes the maintenance window longer because the delay after one reboots we need to wait for them to Sync again. Depending on the customer some connections to the Internet will break during HA so for some customer its more outages than less, I am not advocating against redundancy, it's def. nice to have. But a single reboot for upgrade. Maybe Fortinet could improve the way they upgrade. Also I noticed that this on Active/Passive. Active/Active is not really a fact, I have tried to work with Fortinet Support and they have said that it doesn't really work to avoid outages.

Hi, I like you lectures. Unfortunately I have problem you did not review - passing the multicast traffic from the provider to STB. Can I contact you to guide me about this?

Hellow, please make review about new version fortios 7.2!

Hey Mike, good time for you to make a video on how to block Log4J on Fortigate FW.

Hello from Russia. btw recently i configured Fortigate 200 mode with HA mode in prodaction.

13:03 from where did u bring floating IP

Need a Help: I need to allow port 3306 from outside company one particular IP address?

I see you did not select the "Monitor Interface" option under HA. Curious to know how will FWs detect failover scenario.

can someone explain how to do the process mentioned in 12:40 ?

Good video, I do have a question. Can you HA an existing firewall? I have a 201F and bought a backup unit.

Do you consider to set monitor port in HA settings? if the port down, the failover will happen right away.

hi. I am looking at buying two 60f, can I use unifi switch to set up ha

how can i deploy Fortigate FW HA active-active on AWS in muli AZ environment with autoscalling?

Hope your doing alright Chuck its been a few months. Can you show us how to configure a FortiSwitch 224E in Stand alone mode? I've been having issues getting mine to work correctly with the management vlan.

I like the sound of your keyboard and mouse, what do you use?

HI Fortinet Guru I have a question. I have a setup that is in HA Cluster (Active-Active). The problem when I update the firmware both Firewalls will loose connection and restart. I was expecting that the Primary will be updated first, then the backup will be next. Can you give me any advise what I am doing wrong. Thanks

Do you have any interest or experience in configuring FortiWeb?

Can we test the HA Cluster on EVE-NG ? Did any one try it ?

Hi, do you usually do Central NAT? Is your preference Flow-based inspection?

Hello Fortinet Guru just one question please I have fortigate which i made web filter on it but some user uses VPN to passthrow web filter how I can fix this, what the method to solve this thank you

hey, fortinet Guru, do you have any videos for VDOMs?

What equipment are you running your self this days?

Confused on how you have this hooked up to the switches...

deus do fortinet

1:35 Fortigates use HSRP? Don't use Cisco trash... VRRP, etc.

.

The part about the device priority is wrong. The lower the number, the higher the priority.

bla bla bla ...

I have to two fortigate firwall 201 f and want to configure cluster HA. And Also have to Wan connection. I need a little help with that. Can you please share your email address so we can discuss it sir.