Description | This articles discusses about what configuration will and will not sync for HA FortiGate. |
Scope | HA FortiGate. |
Solution |
While most of the configuration will be synced between HA FortiGates, there are certain configurations (specifically the 'set' commands) that will not sync between the FortiGate. Due to the nature of the configuration, set the config independently. This is a list of the configuration that will not sync:
# config system interface edit [port] set management-ip X.X.X.X/X next end
# config system global set hostname [string] end
Note: The interface that is specified for the ha-mgmt-interface will not have it's configuration synced under 'config system interface'.
set group-id [0-255] edit [ID] end set override [enable|disable] end end
It's also possible to setup a vdom-exception to specify any of the following configuration to not sync between the cluster units. If VDOM mode is disabled then the object(s) configured will apply for the whole device. If VDOM mode is enabled then the object(s) configured will apply to the scope specified.
# config system vdom-exception edit 1 set object [object] next end
List of object that can be independently configured:
*These configurations are only available on VM models |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.