FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes about session and IPSec tunnel synchronization between FGSP members.
Normally sessions will be synced between FGSP members automatically However, after a reboot or upgrade, it can be needed/desired to sync sessions and IPSec tunnels immediately with a command.
Scope
FortiGate 6.4.10 and above.
Solution
Two new commands, execute sync-sessions and execute sync-IPSec introduced in 6.4.10 to assist with session/IPSec sync between FGSP members.
See below examples on how to use commands:
FGT (global) # execute sync-session This operation will synchronize sessions from peers! Do you want to continue? (y/n)y
Starting to retrieve sessions from other peers ...
FGT (global) # execute sync-IPSec This operation will synchronize IPSec from peers! Do you want to continue? (y/n)y
Starting to retrieve IPSec from other peers ...
Sessions and/or IPSec tunnels will be synced after running the commands.
