Description
This article describes how to configure FGSP session synchronization between standalone chassis FortiGates.
Useful links:
Fortinet Documentation
https://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-high-availability/HA_standaloneConfi...
Scope
FortiGate v6.0.4, build 8385
Solution
Standalone session synchronization is deployed for session-synchronization among multiple data centers
Example of standalone session synchronization between two data centers.
Use the following command to configure an FGSP HA cluster-sync instance:
#config system cluster-sync
edit 1
set peervd "mgmt-vdom"
set peerip 10.10.10.1
set syncvd "VDOM-1" "VDOM-2" "VDOM-3"
nextHA configuration session:#config system haImportant Note: To have confidence that configuration on both Chassis is matching, please perform primary node configuration backup, adjust it to secondary node requirements (hostname, end-to-end IP address(between chassis), system cluster-sync addresses) and recover pre-prepared configuration file on secondary node.
set session-pickup enable
set session-pickup-connectionless enable
set session-pickup-expectation enable
set session-pickup-nat enable
set override disableVerification:
Check and compare sessions existence on both nodes
#diag sys session list
