About This Architecture

FortiWeb high-availability cluster deployed across dual Cisco Nexus 5K switches protects Rossko's multi-environment web infrastructure. FortiWeb-1 (10.255.243.112) and FortiWeb-2 (10.255.243.122) operate in active-passive HA mode with direct heartbeat link (169.254.10.10/11) and shared cluster VIP (10.255.243.10) fronting production, staging, and development environments. Backend traffic routes through LANDMZ zone to Nginx/HAProxy load balancers serving MCR, Zavod, Parterra, RR, and Fit application pools across segregated network segments. This topology demonstrates enterprise WAF redundancy with zero-downtime failover for organizations running mixed ASP.NET, Java, and Apache workloads behind FortiWeb. Fork this diagram on Diagrams.so to model your own FortiWeb HA cluster with custom backend server pools and VLAN segmentation.

People also ask

How do I configure FortiWeb in active-passive HA mode with a direct heartbeat link and cluster VIP?

Deploy two FortiWeb appliances with dedicated HA interfaces (169.254.10.10/11) connected via direct heartbeat link, configure cluster VIP (10.255.243.10) on LANDMZ interfaces, and connect both units to redundant Cisco Nexus switches for WAN/LANDMZ traffic. This diagram shows the complete topology with backend routing to Nginx/HAProxy load balancers.