Recovering from a fortigate failure – Fortinet Version 3.0 User Manual
Page 43
Configuration and operating procedures
Recovering from a FortiGate failure
FortiBridge Version 3.0 Administration Guide
09-30000-0163-20061109
43
To add and enable an SNMP community
1
Log into the CLI.
2
Add the first SNMP community and name it snmp1. Enter:
config system snmp community
edit 1
set name snmp_1
end
The new SNMP community is enabled by default. SNMP v1 and v2 traps are also
enable by default. You can disable traps and change ports. See
for more information.
3
Add the IP addresses of two SNMP managers that can receive traps. Enter
config system snmp community
edit 1
config hosts
edit 1
set ip 172.20.120.12
next
edit 2
set ip 192.168.20.102
end
end
Recovering from a FortiGate failure
After the FortiBridge probe detects a FortiGate failure the FortiBridge unit stops
sending probes. To restart probes you can restart the FortiBridge unit, connect to
the FortiBridge CLI and enter the execute switch-mode command, or press
the mode button on the FortiBridge unit front panel.
Normally, an action on failure causes the FortiBridge unit to fail open. When the
FortiBridge unit fails open, it begins operating in Bypass mode. In bypass mode
the INT 1 and EXT 1 interfaces are directly connected and you cannot use Telnet
or SSH to connect to the FortiBridge CLI. Use the following procedure to recover
from bypass mode after a FortiGate failure and resume normal operation.
To resume normal operation from bypass mode
When the FortiBridge unit is operating in bypass mode, you need to do the
following to resume normal operation:
1
Review FortiBridge alerts and check the status of your FortiGate unit and network
components to determine the source of the failure.
A network component or the FortiGate unit could have experienced a general
hardware failure or a specific software failure.