FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
An extension to the FGCP combines switching HA and firewalls HA into a single unified design. This feature is currently available on the FortiGate-100D and may be expanded to other models in future releases.

A FRUP cluster consists of two identical FortiGate-100D units that have dual redundant links to all connected devices and networks and can include redundant FortiAP units. Connections to the Internet normally use the wan1 and wan2 interfaces for redundant connections.

If the Fortigate-100D unit is in interface mode, “set frup enable” command will not be available on CLI.


To enable this feature the FortiGate-100D unit must be changed to switch mode:

# config system global
    # set internal-switch-mode switch
# end

Switch mode combines the FortiGate unit interfaces into one switch with one address. Interface mode gives each internal interface its own address.

Before switching modes, all configuration settings for the interfaces affected by the switch must be set to defaults.