FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the VRRP configuration with Juniper network devices.
Scope
FortiGate.
Solution
VRRP can be configured between third-party network devices for traffic redundancy.
FortiGate Configuration:
config system interface edit "port19" set vdom "root" set ip 10.1.1.3 255.255.255.0 set allowaccess ping https http set type physical set vrrp-virtual-mac enable config vrrp edit 10 set version 2 set vrgrp 10 set vrip 10.1.1.1 set priority 250 set adv-interval 1 set start-time 3 set preempt enable set status enable next end
Juniper Configuration:
root@R1# edit interfaces ge-0/0/0 unit 0 family inet address 10.1.1.2/24
VRRP Group:
[edit interfaces ge-0/0/0 unit 0 family inet address 10.1.1.2/24] root@R1# set vrrp-group 10
VRRP IP:
[edit interfaces ge-0/0/0 unit 0 family inet address 10.1.1.2/24] root@R1# set vrrp-group 10 virtual-address 10.1.1.1
VRRP Priority:
[edit interfaces ge-0/0/0 unit 0 family inet address 10.1.1.2/24] root@R1# set vrrp-group 10 priority 150 root@R1# set vrrp-group 10 preempt root@Juniper-01# set vrrp-group 10 authentication-type simple
VRRP allows traffic command:
[edit interfaces ge-0/0/0 unit 0 family inet address 10.1.1.2/24] root@R1# set vrrp-group 10 accept-data
