This post is about configuring VRRP between Fortinet Fortigate and Cisco
Environment
Fortigate firewall and Cisco router’s interfaces are configured using sub-interface, the physical interface will also work here.
100 is the VRRP Group ID
FortiGate Firewall has a higher priority 255, so it will be the master
Cisco Configuration
interface Vlan7
description *** VRRP_VLAN ***
ip address 10.0.0.2 255.255.255.248
ip nat inside
ip virtual-reassembly in
vrrp 100 ip 10.0.0.1
vrrp 100 priority 100
vrrp 100 preemptFortinet FortiGate Firewall Configuration
As of today with FortiOS 7.0.7, it still does not have the option in GUI for VRRP.
config system interface
edit "VLAN7"
set vdom "root"
set ip 10.0.0.3 255.255.255.248
set allowaccess ping https snmp http fgfm fabric
set alias "VRRP_VLAN"
set device-identification enable
set vrrp-virtual-mac enable
config vrrp
edit 100
set vrip 10.0.0.1
set priority 255
set preempt enable
set status enable
next
end
set role lan
set snmp-index 20
set interface "internal5"
set vlanid 7VRRP status
ICTFellaFW01 # get router info vrrp
Interface: VLAN7, primary IP address: 10.0.0.3
UseVMAC: 1, SoftSW: 0, BrPortIdx: 0, PromiscCount: 1
HA mode: primary (0:0:1) VRRP master number: 1
VRID: 100 verion: 2
vrip: 10.0.0.1, priority: 255 (255,0), state: MASTER
adv_interval: 1, preempt: 1, ignore_dft: 0 start_time: 3
master_adv_interval: 100, accept: 1
vrmac: 00:00:5e:00:01:64
vrdst:
vrgrp: 0