FortiGate Firewall High availability (HA) configurations | Active-Passive mode

In the last two posts, I explained How to register, configure management IP Address, license activation, version upgrade & internet connectivity of the Fortinet firewall.
Today we will cover the High availability (HA) Configurations of the Fortinet firewall step by step.
Prior to practical implementation let me write a short definition of High availability first.
What and Why HA:
Note: High availability in Fortinet is the clustering of a minimum of two & maximum of four firewalls but in another vendor’s only two firewalls using in HA.
In our case, we have two FortiGate 101F, on both firewalls HA1 & HA2 ports connected.
Physically ports connectivity HA1 & HA2 on both firewalls:

I have access first firewall you can see both HA1 & HA2 are connected in green color, below screenshot for reference.

By default, the management port IP Address of both firewalls are the same 192.168.1.99 we can access one firewall at a time, as to access both firewalls at a time configure different IPs on any firewall port.
Now let’s configure Port-1 as a management port & configure IP Address as that port configuration I already explained in the previous post. Below link for reference
Connect both firewalls port-1 & laptop with a switch to access both firewalls at a time to check HA configuration & verification.
The final topology will be like this through switch

Both firewalls are accessible from the PC.
Let’s start HA Configurations
Before starting configurations learn the sequence of master selection rules in FortiGate firewall.
By default, election: override disable

Election sequence: override enabled

Go-to system > system > HA

Primary Firewall HA Setting:

Below are the primary firewall setting of HA, as the default Device priority is 128 but I changed it to 200,
For group ID I put 51, then group name & set password.
HA1 & HA2 are heartbeat interfaces
Monitor interface: in our case no monitor interfaces.
Heartbeat interface priority by default is 0 but I changed it to 50.
In the last management interface reservation is optional I entered my management port-1 & gateway IP address is the switch IP Address.

Secondary Firewall HA Setting:
Below are the secondary firewall configurations that set Device priority to 100 & same Group ID & name. Then click ok

Wait for one or two minutes then check from HA status now both are synchronized & primary/secondary selection is also completed.

Finally synchronized

Here the selection is decided on priority bases as monitor interfaces are empty same on both firewalls.
Above is the practical implementation of High availability on 101F FortiGate firewalls, if you have any interesting points regarding HA, please share with us in the comments.
Interview Questions: