Technical Tip: The FGSP kernel standalone dev_base...

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 407981

Description

This article describes the linkfail status on the FGSP kernel standalone dev_base.

Scope

FortiGate, FGSP.

Solution

The linkfail status for kernel standalone dev_base is only applicable when layer2-connection is set to available.

config system standalone-cluster
set standalone-group-id <Group ID>
set group-member-id <Member ID>
set layer2-connection available <-----

To check the link failure status:

diagnose sys ha standalone-peers

If the interface is up, the linkfail will show as 0. This indicates the interface is ready to process the traffic. If layer2-connection is set to unavailable, linkfail status is expected to be 1.

config system standalone-cluster
set standalone-group-id <Group ID>
set group-member-id <Member ID>
set layer2-connection unavailable <-----

Related document:

UTM inspection on asymmetric traffic in FGSP for more information.

110

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: The FGSP kernel standalone dev_base linkfail status

You are leaving our website