Technical Tip: FortiProxy unicast-gateway for HA Config-Sync cluster
| Description | This article describes how to configure a unicast-gateway for an HA Config-Sync cluster. |
| Scope | FortiProxy v7.0 and later. |
| Solution | The unicast-gateway is supported in FortiProxy v7.0 and later. Config-Sync HA cluster can set up up to 8 hosts unicast.
The command is:
config system ha set group-id <id> set group-name <group name> set mode config-sync-only set password <password> set hbdev <interface> <priority> set override disable set unicast-status enable config unicast-peers edit 1 set peer-ip <peer#1 IP address> next edit 2 set peer-ip <peer#2 IP address> next end end
The unicast-status can be configured when unicast-hb is disabled.
Note: Unicast configuration synchronization is supported at Layer 3, enabling peer synchronization in cloud environments without Layer 2 networking capabilities. By configuring a unicast gateway, peers can be located in different subnets.
set unicast-gateway x.x.x.x
Also, ensure that probe-response is enabled on the HA port.
edit <HA_port> set allowaccess ping probe-response end |