Technical Tip: PRP handling in NAT mode with virtual wire pair

Description
PRP (Parallel Redundancy Protocol) is supported in NAT mode for a virtual wire pair.

This preserves the PRP RCT (redundancy control trailer) while the packet is processed by the FortiGate.

Solution
To configure PRP handling on a device in NAT mode:
1) Enable PRP in the VDOM settings:

FGT(root) # config system settings
          # set prp-trailer-action enable
          # end

2) Enable PRP in the NPU attributes:

FGT(global) # config system npu
            # set prp-port-in "port15"
            # set prp-port-out "port16"
            # end

3) Configure the virtual wire pair:

FGT(root) # config system virtual-wire-pair
          # edit "test-vwp-1"
          # set member "port15" "port16"
          # next
          # end