fgcp - configuration between 2 clusters

wsal · ‎11-24-2023

Hello everyone.

I found something like fgcp. This seems to be an interesting solution to increase redundancy.

I will be replacing my 600e cluster with a 400f cluster soon.

I'm considering using a 600e cluster as a backup for a 400f at a remote location.

the sites are connected via an L2 link so I can create a VLAN for HA between the sites.

I'm wondering if there's anything I can do so that when the 400f cluster stops responding, traffic will be switched to the 600e cluster?

I will add that the 600e will not have a UTM license - hence the swap - but I will include this in the policy.

I'm thinking about creating a backup DC on old devices and I see it something like this:

I could do this by simply building an HA FG400F at a remote location, but it's really intended to be a backup center in case of an on-site failure.

and I prefer to have a 400 acre cluster at home in DC.

The question is: is it even possible?

vol

abarushka · ‎11-24-2023

Hello,

Generally FGCP over FGSP may be considered in such scenario. Please find the details below:

However UTM may cause an issue in your environment.

Potentially FGCP over VRRP may also work, but I cannot find such publicly documented design.

Generally such design (FGSP or VRRP) in our environment may have multiple potential design flaws.

FortiGate