How do I set up a config-only HA?


FortiMail supports  two types of HA modes: active-passive HA pairs and config-only HA clusters. This recipe describes how to set up a config-only HA.

Config-only allows up to 25 FortiMail units to use an identical configuration, without synchronizing data and therefore operating as independent FortiMail units.

Before beginning these procedures, be sure to register all FortiMail units in the HA group on the Fortinet Technical Support website.

Configuring mail data storage on a NAS server

Configure each member of the cluster to store mail data on a NAS server that supports NFS connections. 


 1.  Go to Mail Settings > Settings > Storage.

 2.  Select the NAS server radial button and test its connection with the Test… button.

Configuring a NAS server.
Configuring a NAS server.

 3.  Select the type of NAS server from the Protocol dropdown menu.

 4.  Enter the Hostname/IP address, port and directory information.

 5.  Edit the Centralized Quarantine and Centralized IBE section to your preferences. For more information, see “Selecting the mail data storage location” in the FortiMail Administer Guide.

 6.  Select Apply.

Configuring HA

To configure HA options

 1.  Go to System > High Availability > Configuration.

 2.  Select config master if the FortiMail unit is the primary unit in the group or config slave if the FortiMail unit is the secondary unit in the group from the Mode of operation dropdown menu.

Selecting config master.
Selecting config master.

 3.  Enter an HA password for the HA group in the Shared password You must use the same password for both the primary and secondary units.

 4.  Enter the HA base port value under Advanced options.

Enter the first of four TCP port numbers that will be used for:
– the heartbeat signal
– synchronization control
– data synchronization
– configuration synchronization

 5.  For the master unit, enter the slave IP address/addresses. If you’re configuring the slave unit, specify the master unit IP address.

 6.  Select Apply.