Example, History – Fortinet FortiMail 3.0 MR4 User Manual

set

system ha takeover

FortiMail™ Secure Messaging Platform Version 3.0 MR4 CLI Reference
06-30004-0420-20080814

331

Example

Enter the following command to set the port5 interface with a virtual IP address of 10.10.10.2 and a
netmask of 255.255.255.0 when the FortiMail unit operates in HA mode.

set system ha takeover port5 add 10.10.10.2 255.255.255.0

History

Keywords/Variables Description

Default

The name of the network interface to configure. For example port1, port2,
port3

, mgmt, and so on depending on your FortiMail unit.

{add | bridge |

ignore | set}

Control how the status of the interface is changed by active-passive HA.
Enter add to assign a virtual IP address to a network interface. add
corresponds to the web-based manager add virtual IP/netmask option. When
operating in HA mode, this option adds the specified IP address to the
selected interface of the primary unit. Email processing, FortiMail users, and
FortiMail administrators can all connect to this virtual IP address to connect to
the primary unit. If a failover occurs, the virtual IP address is transferred to the
new primary unit. Email processing, FortiMail users, and FortiMail
administrators can now connect to the same IP address to connect to the new
primary unit. In most cases you would select add virtual IP/netmask for all
FortiMail network interfaces that will be processing email when the FortiMail
cluster is operating in gateway or server mode.
Enter bridge, for a FortiMail HA group operating in transparent mode, for all
network interfaces to be added to the FortiMail transparent mode bridge.
bridge

corresponds to the web-based manager add to bridge option. For the

primary unit, bridge has the same affect as ignore. In both cases the
interface is added to the bridge. For the backup unit, bridge means that the
interface is disconnected and cannot process traffic when the effective
operating mode of the unit is SLAVE. The interface is disconnected to prevent
layer 2 loops. If the effective operating mode of the unit changes to MASTER
the interface becomes connected again and as part of the bridge can process
traffic. For this reason, bridge is the recommended configuration.
Enter ignore if you do not want to apply special functionality to a network
interface when operating in HA mode. ignore corresponds to the web-based
manager do nothing option. Usually you would leave all FortiMail unit network
interfaces that are not connected to your network set to ignore. Primary and
secondary heartbeat interfaces are automatically set to ignore and you
should not change this setting.
Enter set and add an IP address and netmask to change the IP address of
the selected network interface of the primary unit to the specified IP address.
set

corresponds to the web-based manager set interface IP/netmask option.

When a failover occurs this IP address is assigned to the corresponding
network interface of the new primary unit. Changing the IP address of an HA
group interface using set interface IP/netmask replaces the actual IP address
of the interface with the set IP address. The interface has only one IP address.
(This is different from the virtual IP address configuration, which results in the
interface having two IP addresses.)

ignore

Add an IP address and netmask as required depending on the takeover option
that you select. You always have to add an IP address and netmask even if
the takeover option does not require one.

0.0.0.0

0.0.0.0

FortiMail v3.0

New.