Fortinet black logo

FortiGate-7000F Handbook

Enabling auxiliary session support

Copy Link
Copy Doc ID f2d4ea6c-35c4-11ed-9d74-fa163e15d75b:258687
Download PDF

Enabling auxiliary session support

When ECMP is enabled, TCP traffic for the same session can exit and enter the FortiGate on different interfaces. To allow this traffic to pass through, FortiOS creates auxiliary sessions. Allowing the creation of auxiliary sessions is handed by the following command:

config system settings

set auxiliary-session {disable | enable}

end

By default, the auxiliary-session option is disabled. This can block some TCP traffic when ECMP is enabled. If this occurs, enabling auxiliary-session may solve the problem. For more information, see Technical Tip: Enabling auxiliary session with ECMP or SD-WAN.

Enabling auxiliary session support

When ECMP is enabled, TCP traffic for the same session can exit and enter the FortiGate on different interfaces. To allow this traffic to pass through, FortiOS creates auxiliary sessions. Allowing the creation of auxiliary sessions is handed by the following command:

config system settings

set auxiliary-session {disable | enable}

end

By default, the auxiliary-session option is disabled. This can block some TCP traffic when ECMP is enabled. If this occurs, enabling auxiliary-session may solve the problem. For more information, see Technical Tip: Enabling auxiliary session with ECMP or SD-WAN.