Fortinet black logo

FortiGate-7000F Handbook

Home FortiGate-7000 7.0.15 FortiGate-7000F Handbook
7.0.15
7.0.15
7.0.14
7.0.13
7.0.12
7.0.10
7.0.5
6.4.15
6.4.14
6.4.13
6.4.12
6.4.10
6.4.8
6.4.6
6.2.16
6.2.16
6.2.15
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.7
6.2.6

FortiGate 7000F FGSP

FortiGate 7000F FGSP

FortiGate 7000F supports the FortiGate Session Life Support Protocol (FGSP) (also called standalone session sync) to synchronize sessions among up to four FortiGate 7000Fs

For details about FGSP, see: FGSP.

You have the following options for selecting interfaces to use for FGSP session synchronization:

  • Up to eight physical data interfaces.

  • One or more data interface LAGs.

  • VLANs added to the data interfaces or data interface LAGs.

  • The M1 to M4 interfaces of either FIM.

  • A LAG consisting of the M1 to M4 interfaces of one or both FIMs.

You can use configuration synchronization to synchronize the configurations of the FortiGate 7000Fs in the FGSP deployment (see Standalone configuration synchronization). You can use the M1 to M4 interfaces for configuration synchronization. You can also configure the FortiGate 7000Fs separately or use FortiManager to keep key parts of the configuration, such as security policies, synchronized.

FortiGate 7000F FGSP support has the following limitations:

  • FortiGate 7000F FGSP doesn't support setting up IPv6 session filters using the config session-sync-filter option.
  • Asymmetric IPv6 SCTP traffic sessions are not supported. These sessions are dropped.
  • Inter-cluster session synchronization, or FGSP between FGCP clusters, is not supported for the FortiGate 7000F.
  • FGSP IPsec tunnel synchronization is not supported.
  • Fragmented packet synchronization is not supported.
Previous
Next

FortiGate 7000F FGSP

FortiGate 7000F supports the FortiGate Session Life Support Protocol (FGSP) (also called standalone session sync) to synchronize sessions among up to four FortiGate 7000Fs

For details about FGSP, see: FGSP.

You have the following options for selecting interfaces to use for FGSP session synchronization:

  • Up to eight physical data interfaces.

  • One or more data interface LAGs.

  • VLANs added to the data interfaces or data interface LAGs.

  • The M1 to M4 interfaces of either FIM.

  • A LAG consisting of the M1 to M4 interfaces of one or both FIMs.

You can use configuration synchronization to synchronize the configurations of the FortiGate 7000Fs in the FGSP deployment (see Standalone configuration synchronization). You can use the M1 to M4 interfaces for configuration synchronization. You can also configure the FortiGate 7000Fs separately or use FortiManager to keep key parts of the configuration, such as security policies, synchronized.

FortiGate 7000F FGSP support has the following limitations:

  • FortiGate 7000F FGSP doesn't support setting up IPv6 session filters using the config session-sync-filter option.
  • Asymmetric IPv6 SCTP traffic sessions are not supported. These sessions are dropped.
  • Inter-cluster session synchronization, or FGSP between FGCP clusters, is not supported for the FortiGate 7000F.
  • FGSP IPsec tunnel synchronization is not supported.
  • Fragmented packet synchronization is not supported.
Previous
Next